*SSD Advisory – Acrobat Reader DC – Stream Object Remote Code Execution* Full report: https://blogs.securiteam.com/index.php/archives/3361 Twitter account: @SecuriTeam_SSD *Vulnerability Summary*The following advisory describes a use after free vulnerability that leads to remote code execution found in Acrobat Reader DC version 2017.009.20044. *Credit* A security researcher from, Siberas, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program *Vendor response*The vendor has released patches to address this vulnerability. For more information: http://www.adobe.com/devnet-docs/acrobatetk/tools/ReleaseNotes/DC/dccontinuousaug2017.html#dccontinuousaugusttwentyseventeen CVE: CVE-2017-11254 -- Thanks Maor Shwartz Beyond Security GPG Key ID: 93CC36E2DE7FF514
Attachment:
SSD Advisory – Acrobat Reader DC – Stream Object Remote Code Execution – SecuriTeam Blogs.pdf
Description: Adobe PDF document
_______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/