Lucene search

[email protected]NVD:CVE-2010-2862

HistoryAug 05, 2010 - 6:17 p.m.

CVE-2010-2862

2010-08-0518:17:58

CWE-189

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.902 High

EPSS

Percentile

98.8%

JSON

Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and Acrobat 9.3.3, allows remote attackers to execute arbitrary code via a TrueType font with a large maxCompositePoints value in a Maximum Profile (maxp) table.

Affected configurations

NVD

Node

adobeacrobat_readerMatch8.2.3

adobeacrobat_readerMatch9.3.3

Node

adobeacrobatMatch9.3.3

References

secunia.com/advisories/40766

securityevaluators.com/files/papers/CrashAnalysis.pdf

www.us-cert.gov/cas/techalerts/TA10-231A.html

www.zdnet.co.uk/news/security-threats/2010/08/04/adobe-confirms-pdf-security-hole-in-reader-40089737/

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11693

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.902 High

EPSS

Percentile

98.8%

JSON

Related for NVD:CVE-2010-2862

threatpost5 checkpoint_advisories2 cve1 cvelist1 openvas6 prion1 nessus10 redhat1 suse1