CVE-2017-8691

Name of the Vulnerable Software and Affected Versions Adobe Acrobat versions (affected versions not specified) Adobe Acrobat Document Cloud versions (affected versions not specified) Foxit Reader versions (affected versions not specified) Adobe Reader Document Cloud versions (affected versions not specified) Adobe Reader versions (affected versions not specified) Windows Server 2008 SP2 and R2 SP1 Windows 7 SP1

Description The issue is caused by a buffer overflow in memory due to the improper handling of PCX files by the syntax analysis module in PDF editing and viewing software. This can allow a remote attacker to execute arbitrary code on a target system. The vulnerability can be exploited when the Windows font library fails to properly handle specially crafted embedded fonts.

Recommendations For Adobe Acrobat, update to a version that fixes the buffer overflow issue in the PCX file syntax analysis module. For Adobe Acrobat Document Cloud, update to a version that fixes the buffer overflow issue in the PCX file syntax analysis module. For Foxit Reader, update to a version that fixes the buffer overflow issue in the PCX file syntax analysis module. For Adobe Reader Document Cloud, update to a version that fixes the buffer overflow issue in the PCX file syntax analysis module. For Adobe Reader, update to a version that fixes the buffer overflow issue in the PCX file syntax analysis module. For Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1, apply the necessary patch to fix the Windows font library's handling of embedded fonts. At the moment, there is no information about a newer version that contains a fix for this vulnerability.