Hi, Please use this version - we changed some things in the post -- Thanks Maor Shwartz GPG Key ID: 93CC36E2DE7FF514 On Wed, Aug 9, 2017 at 2:04 PM, Maor Shwartz <maors@xxxxxxxxxxxxxxxxxx> wrote: > *SSD Advisory – Acrobat Reader DC – Stream Object Remote Code Execution* > > Full report: https://blogs.securiteam.com/index.php/archives/3361 > Twitter account: @SecuriTeam_SSD > > > *Vulnerability Summary*The following advisory describes a use after free > vulnerability that leads to remote code execution found in Acrobat Reader > DC version 2017.009.20044. > > *Credit* > A security researcher from, Siberas, has reported this vulnerability to > Beyond Security’s SecuriTeam Secure Disclosure program > > > *Vendor response*The vendor has released patches to address this > vulnerability. > For more information: http://www.adobe.com/devnet-docs/acrobatetk/tools/ > ReleaseNotes/DC/dccontinuousaug2017.html#dccontinuousaugusttwentyseventeen > > CVE: CVE-2017-11254 > > > > -- > Thanks > Maor Shwartz > Beyond Security > GPG Key ID: 93CC36E2DE7FF514 >
Attachment:
NewSSD Advisory – Acrobat Reader DC – Stream Object Remote Code Execution – SecuriTeam Blogs.pdf
Description: Adobe PDF document
_______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/