9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.596 Medium
EPSS
Percentile
97.8%
Added: 09/17/2010
CVE: CVE-2010-2883
BID: 43057
OSVDB: 67849
Adobe Reader is free software for viewing PDF documents.
A buffer overflow in the CoolType.dll module allows command execution when a user opens a PDF document containing a long, specially crafted field in a SING table within a TrueType font.
Apply the fix referenced in APSA10-02 when available.
<http://secunia.com/advisories/41340>
Exploit works on Adobe Reader 9.3.4 and requires a user to open the exploit file.
The IO::Uncompress and Compress::Zlib PERL modules must be installed on the SAINTexploit host in order to run this exploit.
Windows