CVE-2015-6717

Name of the Vulnerable Software and Affected Versions Adobe Acrobat versions (affected versions not specified) Adobe Acrobat Document Cloud versions (affected versions not specified) Adobe Reader versions (affected versions not specified) Adobe Reader Document Cloud versions (affected versions not specified)

Description The issue is related to insufficient access restrictions to certain features in the DynamicAnnotStore method of Adobe PDF editing and viewing software. This can be exploited by a remote attacker to bypass JavaScript execution restrictions.

Recommendations For Adobe Acrobat, update to a version that addresses the DynamicAnnotStore method issue. For Adobe Acrobat Document Cloud, restrict access to the DynamicAnnotStore method until a patch is available. For Adobe Reader, consider disabling JavaScript execution in Adobe Reader until the issue is resolved. For Adobe Reader Document Cloud, avoid using the DynamicAnnotStore method in Adobe Reader Document Cloud until a fix is provided. At the moment, there is no information about a newer version that contains a fix for this vulnerability.