This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempts of leveraging a use-after-free vulnerability in Adobe Acrobat Reader which could lead to arbitrary code execution.
Adobe Reader and Acrobat are applications for handling PDF files.
Adobe Acrobat and Reader are prone to a remote code-execution vulnerability because of a use-after-free condition. Specifically, this issue is triggered when the ToolButton object is removed within the callback and a reference to the ToolButton object is kept while executing the callback.
Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed attacks may cause a denial-of-service condition.
- Acrobat 9 to 9.5.5
- Acrobat 10 to 10.1.7
- Acrobat 11 to 11.0.03