CVE-2017-11218

Name of the Vulnerable Software and Affected Versions Adobe Acrobat Reader versions 2017.009.20058 and earlier Adobe Acrobat Reader versions 2017.008.30051 and earlier Adobe Acrobat Reader versions 2015.006.30306 and earlier Adobe Acrobat Reader version 11.0.20 and earlier Adobe Acrobat Document Cloud (affected versions not specified) Adobe Acrobat (affected versions not specified) Adobe Reader (affected versions not specified) Adobe Reader Document Cloud (affected versions not specified)

Description The issue is related to an exploitable use after free vulnerability in XFA event management, which could lead to arbitrary code execution. Successful exploitation may allow a remote attacker to execute arbitrary code. The vulnerability is associated with the use of memory after it has been freed.

Recommendations For Adobe Acrobat Reader versions 2017.009.20058 and earlier, update to a version later than 2017.009.20058 to resolve the issue. For Adobe Acrobat Reader versions 2017.008.30051 and earlier, update to a version later than 2017.008.30051 to resolve the issue. For Adobe Acrobat Reader versions 2015.006.30306 and earlier, update to a version later than 2015.006.30306 to resolve the issue. For Adobe Acrobat Reader version 11.0.20 and earlier, update to a version later than 11.0.20 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability for Adobe Acrobat Document Cloud, Adobe Acrobat, Adobe Reader, and Adobe Reader Document Cloud.