Lucene search
PRIOn knowledge basePRION:CVE-2010-2862HistoryAug 05, 2010 - 6:17 p.m.
Integer overflow
2010-08-0518:17:00
PRIOn knowledge base
www.prio-n.com
6
Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and Acrobat 9.3.3, allows remote attackers to execute arbitrary code via a TrueType font with a large maxCompositePoints value in a Maximum Profile (maxp) table.
| CPE | Name | Operator | Version |
|---|---|---|---|
| acrobat | eq | 9.3.3 | |
| acrobat_reader | eq | 8.2.3 | |
| acrobat_reader | eq | 9.3.3 |
References
secunia.com/advisories/40766
securityevaluators.com/files/papers/CrashAnalysis.pdf
www.us-cert.gov/cas/techalerts/TA10-231A.html
www.zdnet.co.uk/news/security-threats/2010/08/04/adobe-confirms-pdf-security-hole-in-reader-40089737/
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11693
Related
threatpost
threatpost
Demo of CVE-2010-2862 Adobe Reader Flaw Exploit
2010-09-02 13:29:52
Apple Uses Security Advisory to Push iTunes 10 Upgrade
2010-09-02 15:46:15
Adobe Plans Emergency PDF Reader Patch
2010-08-05 18:54:01
checkpoint_advisories
checkpoint_advisories
Adobe Reader cooltype.dll Remote Code Execution - Ver2 (CVE-2010-2862)
2014-03-31 00:00:00
Adobe Reader cooltype.dll Remote Code Execution (APSB10-17; CVE-2010-2862)
2010-08-19 00:00:00
cve
cve
CVE-2010-2862
2010-08-05 18:17:58
openvas
openvas
nvd
nvd
CVE-2010-2862
2010-08-05 18:17:58
cvelist
cvelist
CVE-2010-2862
2010-08-05 18:00:00
nessus
nessus
RHEL 4 / 5 : acroread (RHSA-2010:0636)
2010-08-23 00:00:00
openSUSE Security Update : acroread (openSUSE-SU-2010:0573-1)
2010-09-02 00:00:00
Adobe Reader < 9.3.4 / 8.2.4 Multiple Vulnerabilities (APSB10-17)
2010-08-19 00:00:00
redhat
redhat
(RHSA-2010:0636) Critical: acroread security update
2010-08-20 00:00:00
suse
suse
remote code execution in acroread
2010-09-01 13:59:57