First published: Wed Jan 11 2017(Updated: )
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow / underflow vulnerability in the image conversion module related to parsing tags in TIFF files. Successful exploitation could lead to arbitrary code execution.
Credit: psirt@adobe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Adobe Acrobat Reader | <=11.0.18 | |
Adobe Acrobat Reader | <=15.006.30244 | |
Adobe Acrobat Reader | <=15.020.20042 | |
Adobe Acrobat Reader Notification Manager | <=15.006.30244 | |
Adobe Acrobat Reader Notification Manager | <=15.020.20042 | |
Adobe Acrobat Reader | <=11.0.18 | |
Apple iOS and macOS | ||
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-2952 has been classified as a critical vulnerability due to the potential for arbitrary code execution.
To fix CVE-2017-2952, update Adobe Acrobat Reader to the latest version available from Adobe.
CVE-2017-2952 affects Adobe Acrobat Reader versions 11.0.18 and earlier, and Acrobat DC versions 15.006.30244 and earlier as well as 15.020.20042 and earlier.
CVE-2017-2952 is associated with an exploitable buffer overflow/underflow vulnerability in the image conversion module.
Successful exploitation of CVE-2017-2952 could lead to arbitrary code execution on the affected systems.