Added: 09/17/2010
CVE: CVE-2010-2883
BID: 43057
OSVDB: 67849
Adobe Reader is free software for viewing PDF documents.
A buffer overflow in the CoolType.dll module allows command execution when a user opens a PDF document containing a long, specially crafted field in a SING table within a TrueType font.
Apply the fix referenced in APSA10-02 when available.
<http://secunia.com/advisories/41340>
Exploit works on Adobe Reader 9.3.4 and requires a user to open the exploit file.
The IO::Uncompress and Compress::Zlib PERL modules must be installed on the SAINTexploit host in order to run this exploit.
Windows