PT-2017-15662 · Adobe · Acrobat Reader
Publicado
2017-08-08
·
Atualizado
2019-08-21
·
CVE-2017-3113
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Adobe Acrobat Reader versions 2017.009.20058 and earlier
Adobe Acrobat Reader versions 2017.008.30051 and earlier
Adobe Acrobat Reader versions 2015.006.30306 and earlier
Adobe Acrobat Reader version 11.0.20 and earlier
Description
The issue is related to a use-after-free vulnerability in the JavaScript engine when creating large strings, which could lead to arbitrary code execution. This vulnerability allows attackers to execute code remotely.
Recommendations
For Adobe Acrobat Reader version 11.0.20 and earlier, update to a version later than 11.0.20.
For Adobe Acrobat Reader versions 2015.006.30306 and earlier, update to a version later than 2015.006.30306.
For Adobe Acrobat Reader versions 2017.008.30051 and earlier, update to a version later than 2017.008.30051.
For Adobe Acrobat Reader versions 2017.009.20058 and earlier, update to a version later than 2017.009.20058.
Correção
Use After Free
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Acrobat Reader