CVE-2017-3023

Name of the Vulnerable Software and Affected Versions Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier

Description The issue is caused by a buffer overflow in the JPEG 2000 code-stream tile functionality, which can lead to memory corruption. This can allow a remote attacker to execute arbitrary code. The vulnerability can be exploited by a remote attacker, potentially leading to damage to memory.

Recommendations For versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier, update to a version that fixes the memory corruption vulnerability in the JPEG 2000 code-stream tile functionality to prevent arbitrary code execution. As a temporary workaround, consider disabling the JPEG 2000 functionality until a patch is available. Restrict access to the affected Adobe Reader and Acrobat modules to minimize the risk of exploitation.