Cadastre-se agora para um orçamento mais personalizado!

Vulnerability Spotlight: Adobe Acrobat Reader DC jpeg Decoder Vulnerability

Jan, 20, 2017 Hi-network.com

Discovered by Aleksandar Nikolic of Cisco Talos

Overview

Talos is disclosingTALOS-2016-0259/ CVE-2017-2791 an uninitialized memory vulnerability in Adobe Acrobat Reader DC. Adobe Acrobat Reader is one of the largest and well known PDF readers available today.

This particular vulnerability is associated with the JPEG Decoder functionality embedded in the application. A specially crafted PDF document containing a JPEG can be used to trigger this vulnerability which results in a heap-based buffer overflow which can be leveraged to achieve remote code execution. This issue has been resolved in the most recent patch provided by Adobe. The full details surrounding the vulnerability are availablehere.

Coverage

The following Snort Rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your FireSIGHT Management Center or Snort.org.

Snort Rule: 41298 -41305


tag-icon Tags quentes : Cisco Talos 0-day Vulnerability Research vulnerability spotlight

Copyright © 2014-2024 Hi-Network.com | HAILIAN TECHNOLOGY CO., LIMITED | All Rights Reserved.