CVE-2017-11210 : What You Need to Know
Learn about CVE-2017-11210 affecting Adobe Acrobat Reader versions 2017.009.20058 and earlier. Find mitigation steps and update recommendations here.
Adobe Acrobat Reader versions 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier are affected by a memory corruption vulnerability in the font parsing function.
Understanding CVE-2017-11210
A memory corruption vulnerability in Adobe Acrobat Reader versions.
What is CVE-2017-11210?
- A memory corruption vulnerability in the font parsing function of Adobe Acrobat Reader versions.
- Exploitable through an XML Paper Specification (XPS) file containing an embedded font.
The Impact of CVE-2017-11210
- Successful exploitation could lead to the execution of arbitrary code.
Technical Details of CVE-2017-11210
Adobe Acrobat Reader memory corruption vulnerability.
Vulnerability Description
- Vulnerability in the font parsing function of affected Adobe Acrobat Reader versions.
Affected Systems and Versions
- Adobe Acrobat Reader versions 2017.009.20058 and earlier.
- Versions 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier.
Exploitation Mechanism
- Exploited through an XML Paper Specification (XPS) file with an embedded font.
Mitigation and Prevention
Mitigation steps for CVE-2017-11210.
Immediate Steps to Take
- Update Adobe Acrobat Reader to the latest version.
- Avoid opening XPS files from untrusted sources.
Long-Term Security Practices
- Regularly update software and security patches.
- Implement security best practices for file handling and downloads.
Patching and Updates
- Adobe released security updates to address this vulnerability.