Intrusion Prevention

Adobe.Reader.JPEG.Stream.Double.Free

Description

This indicates an attack attempt to exploit a Memory Corruption vulnerability in Adobe Acrobat and Reader.
The vulnerability is due to an improper boundary check condition in the application when handling a crafted PDF file. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted PDF file.

Affected Products

Adobe Reader XI 11.0.05 and prior
Adobe Reader X 10.1.8 and prior
Adobe Acrobat XI 11.0.05 and prior
Adobe Acrobat X 10.1.8 and prior

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to the latest version available from the website.
http://helpx.adobe.com/security/products/acrobat/apsb14-01.html

CVE References

CVE-2014-0493