PatchSiren

CVE-2017-2970 Adobe CVE debrief

CVE-2017-2970 is a heap overflow vulnerability in Adobe Acrobat Reader/Acrobat's XSLT engine related to template manipulation. According to the NVD record, successful exploitation could lead to arbitrary code execution. The issue affects the specific Adobe version ranges listed in the advisory and is rated High severity.

Vendor: Adobe
Product: CVE-2017-2970
CVSS: HIGH 7.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-01-24
Original CVE updated: 2026-05-13
Advisory published: 2017-01-24
Advisory updated: 2026-05-13

Who should care

Security teams managing Adobe Acrobat and Reader deployments, endpoint administrators, and users who regularly open untrusted PDF content should care most. Because exploitation can lead to arbitrary code execution, systems that process external documents deserve priority attention.

Technical summary

The NVD entry describes a heap overflow in the XSLT engine related to template manipulation. The affected product sets include Adobe Acrobat/Reader versions up to 11.0.18, Acrobat DC/Reader DC Classic up to 15.006.30244, and Acrobat DC/Reader DC Continuous up to 15.020.20042. NVD assigns CVSS v3.0 vector CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, reflecting local exploitation that requires user interaction and can impact confidentiality, integrity, and availability.

Defensive priority

High. The vulnerability is rated 7.8/HIGH and has arbitrary code execution potential, so patching should be prioritized on any endpoint that opens untrusted PDFs or uses affected Adobe Reader/Acrobat versions.

Recommended defensive actions

  • Update Adobe Acrobat/Reader to a version newer than the affected ceilings listed by NVD: 11.0.18, 15.006.30244, and 15.020.20042.
  • Use Adobe's security advisory APSB17-01 as the patch reference and verify the installed build matches a non-affected release.
  • Inventory desktops and VDI images to find any remaining affected Acrobat or Reader installations.
  • Prioritize remediation on endpoints that routinely open external or untrusted PDF files.
  • Confirm remediation through version checking rather than relying on product name alone, since both Classic and Continuous release lines are listed.
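
The version check from the last action, as an added example (not code from PatchSiren, NVD or Adobe): it compares each install against the ceiling for its release line, field by field as numbers. The track labels, host names and inventory rows are assumptions made for illustration; only the three ceilings come from this page.

```python
# Ceilings are the NVD values quoted on this page; the track labels are this example's own.
CEILINGS = {
    "acrobat-11": (11, 0, 18),
    "dc-classic": (15, 6, 30244),
    "dc-continuous": (15, 20, 20042),
}


def parse_version(text):
    """Turn '15.006.30244' into (15, 6, 30244) so each field compares as a number."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in parts)


def status(track, version_text):
    """Classify one install as 'affected', 'not-affected' or 'review'."""
    ceiling = CEILINGS.get(track)
    if ceiling is None:
        return "review"  # unknown release line: do not guess
    try:
        version = parse_version(version_text)
    except ValueError:
        return "review"  # malformed inventory data needs a human
    # String comparison would rank "11.0.9" above "11.0.18"; tuples of ints do not.
    return "affected" if version <= ceiling else "not-affected"


# Constructed inventory rows: (host, product name, track, reported version).
# The versions above the ceilings are made up, not real release numbers.
INVENTORY = [
    ("ws-001", "Adobe Acrobat Reader DC", "dc-continuous", "15.020.20042"),
    ("ws-002", "Adobe Acrobat Reader DC", "dc-continuous", "15.021.20000"),
    ("ws-003", "Adobe Acrobat Reader DC", "dc-classic", "15.006.30244"),
    ("ws-004", "Adobe Acrobat Reader DC", "dc-classic", "15.6.30300"),
    ("vdi-01", "Adobe Acrobat XI", "acrobat-11", "11.0.9"),
    ("vdi-02", "Adobe Acrobat Reader DC", "dc-continuous", "unknown"),
]


def triage(rows):
    """Return {host: status} for every inventory row."""
    return {host: status(track, version) for host, _name, track, version in rows}


if __name__ == "__main__":
    for host, result in triage(INVENTORY).items():
        print(f"{host}: {result}")
```

Four of the rows share one product name yet land in different states, which is why the check keys on release line and build rather than on the name.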

Evidence notes

This debrief is based on the supplied NVD record and Adobe advisory references. The CVE description states a heap overflow in the XSLT engine related to template manipulation with potential for arbitrary code execution. NVD lists affected Adobe Acrobat/Reader version ceilings and the CVSS v3.0 vector CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. Provided enrichment indicates the CVE is not a CISA KEV entry.

Official resources

The CVE record was published on 2017-01-24. The supplied source record was modified on 2026-05-13. No CISA KEV date is provided in the supplied enrichment.