PT-2017-1845 · Adobe · Reader Dc+2
Published: 2017-04-06 · Updated: 2017-07-11 · CVE-2017-3031
CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier
Adobe Acrobat versions prior to the fixed version are affected; however, the exact fixed version is not specified.
Description
The issue is related to a memory address leak vulnerability in the XSLT engine of Adobe Acrobat and Reader. This vulnerability can be exploited by a remote attacker to cause a denial of service. The vulnerability is also described as a memory corruption issue that allows attackers to leak memory.
Recommendations
For Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier, update to a version that contains a fix for this issue.
At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider disabling the XSLT engine in Adobe Acrobat and Reader until a patch is available. Restrict access to the XSLT namespace node to minimize the risk of exploitation. Avoid using nested variables in Adobe Reader DC until the issue is resolved.
Weakness Enumeration
Out of bounds Read
Affected Products
Acrobat
Acrobat Reader
Reader Dc