CVE-2017-11216

Name of the Vulnerable Software and Affected Versions Adobe Acrobat Reader versions 2017.009.20058 and earlier Adobe Acrobat Reader versions 2017.008.30051 and earlier Adobe Acrobat Reader versions 2015.006.30306 and earlier Adobe Acrobat Reader version 11.0.20 and earlier Adobe Acrobat Document Cloud (affected versions not specified) Adobe Acrobat (affected versions not specified) Adobe Reader (affected versions not specified) Adobe Reader Document Cloud (affected versions not specified)

Description The issue is related to a memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to bitmap transformations. This vulnerability can be exploited to achieve arbitrary code execution. The vulnerability is caused by an out-of-bounds operation in the memory buffer when handling EMF files associated with raster transformations. Successful exploitation could allow a remote attacker to execute arbitrary code.

Recommendations For Adobe Acrobat Reader versions 2017.009.20058 and earlier, update to a version later than 2017.009.20058 to resolve the issue. For Adobe Acrobat Reader versions 2017.008.30051 and earlier, update to a version later than 2017.008.30051 to resolve the issue. For Adobe Acrobat Reader versions 2015.006.30306 and earlier, update to a version later than 2015.006.30306 to resolve the issue. For Adobe Acrobat Reader version 11.0.20 and earlier, update to a version later than 11.0.20 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability for Adobe Acrobat Document Cloud, Adobe Acrobat, Adobe Reader, and Adobe Reader Document Cloud.