Learn about CVE-2017-2946 affecting Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. Find out how to prevent arbitrary code execution.
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier are affected by a heap overflow vulnerability that could allow an attacker to execute arbitrary code.
Understanding CVE-2017-2946
Adobe Acrobat Reader is susceptible to a heap overflow vulnerability that arises during the parsing of a segment used for storing non-graphic information.
What is CVE-2017-2946?
The vulnerability in Adobe Acrobat Reader versions 15.020.20042 and prior, 15.006.30244 and prior, 11.0.18 and prior allows for the execution of arbitrary code if successfully exploited.
The Impact of CVE-2017-2946
Exploitation of this vulnerability can lead to the execution of arbitrary code, potentially enabling an attacker to take control of the affected system.
Technical Details of CVE-2017-2946
Adobe Acrobat Reader's vulnerability is detailed below:
Vulnerability Description
The heap overflow vulnerability in Adobe Acrobat Reader occurs during the parsing of a segment used for storing non-graphic information.
Affected Systems and Versions
Exploitation Mechanism
The vulnerability can be exploited by manipulating the parsing of the segment for storing non-graphic information, leading to a heap overflow.
Mitigation and Prevention
To address CVE-2017-2946, consider the following steps:
Immediate Steps to Take
Long-Term Security Practices
Patching and Updates