CVE-2010-2883

2010-09-09T22:00:00
ID CVE-2010-2883
Type cve
Reporter cve@mitre.org
Modified 2018-10-30T16:25:00

Description

Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information. Per: http://www.adobe.com/support/security/advisories/apsa10-02.html

'Affected software versions

Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh.' Per: http://www.adobe.com/support/security/advisories/apsa10-02.html

'Adobe is in the process of evaluating the schedule for an update to resolve this vulnerability.'