|
|
|||
| Rule General Information |
|---|
| Release Date: | 2021-05-25 | |
| Rule Name: | Adobe Reader and Acrobat XSLT function-available Buffer Overflow Vulnerability (CVE-2017-2949) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the XSLT engine. Successful exploitation could lead to arbitrary code execution. | |
| Impact: | A buffer overflow vulnerability can be triggered by an attacker in the context of the vulnerable product. Further attacks includes arbitrary code execution and denial of service. | |
| Affected OS: | Windows | |
| Reference: | SecurityFocusBID:95344 AdobeSecurityBulletins:apsb17-01 SecurityTrackerID:1037574 ZeroDayInitiative:ZDI-17-005 |
|
| Solutions |
|---|
| The vendors have released upgrade patches to fix vulnerabilities, please visit: https://helpx.adobe.com/security/products/acrobat/apsb17-01.html |