Use After Free Vulnerability in Adobe Acrobat Reader's JavaScript Engine Allows Arbitrary Code Execution

Use After Free Vulnerability in Adobe Acrobat Reader's JavaScript Engine Allows Arbitrary Code Execution

CVE-2017-2956 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine, related to manipulation of the navigation pane. Successful exploitation could lead to arbitrary code execution.

Learn more about our Web Application Penetration Testing UK.