|
|
|||
| Rule General Information |
|---|
| Release Date: | 2019-03-04 | |
| Rule Name: | Adobe Reader TIFF Heap Overflow Vulnerability (CVE-2017-3048) | |
| Severity: | ||
| CVE ID: | ||
| CNNVD ID: | ||
| Rule Protection Details |
|---|
| Description: | Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to internal scan line representation in TIFF files. Successful exploitation could lead to arbitrary code execution. | |
| Impact: | Attackers can exploit these issues to execute arbitrary code within the context of the application. Failed attempts will likely cause a denial-of-service condition. | |
| Affected OS: | Windows, Linux, FreeBSD, Solaris, Other Unix, Network Device, Mac OS, iOS, Android, Others | |
| Reference: | SecurityFocusBID:97549 AdobeSecurityBulletins:apsb17-11 SecurityTrackerID:1038228 ZeroDayInitiative:ZDI-17-272 |
|
| Solutions |
|---|
| Adobe has issued a fix on the official website. For more advisory, please visit: https://helpx.adobe.com/security/products/acrobat/apsb17-11.html |