CVE-2016-1080

Name of the Vulnerable Software and Affected Versions Adobe Reader versions (affected versions not specified) Adobe Acrobat versions (affected versions not specified)

Description The issue is caused by a buffer overflow, allowing a remote attacker to execute arbitrary code or cause a denial of service (memory corruption). A memory corruption vulnerability in Adobe Acrobat and Reader enables attackers to execute code. The vulnerability is also related to an out-of-bounds read information disclosure in Adobe Acrobat Pro DC, specifically in the TIFF TAGTYPE parsing during image conversion.

Recommendations For Adobe Reader, update to a version that contains a fix for this issue. For Adobe Acrobat, update to a version that contains a fix for this issue. As a temporary workaround, consider restricting the use of the TIFF image conversion feature in Adobe Acrobat Pro DC until a patch is available. Avoid using Adobe Acrobat and Reader to open untrusted PDF files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.