Does Symantec protect against the "Adobe Reader / Acrobat Font Parsing Buffer Overflow" Vulnerability
Exploits for this vulnerability are detected as Bloodhound.Exploit.357
A writeup should be available shortly: http://www.symantec.com/business/security_response/writeup.jsp?docid=2010-090901-2159-99
AntiVirus definitions are included in the following Definitions set (or higher):
Defs Version - 120908ax
Extended Defs Version - 9/8/2010 rev. 50
Sequence Number - 114797
AntiVirus Definitions can be downloaded via the following pages: http://www.symantec.com/business/security_response/definitions.jsp
Here are some useful inks:
Adobe (Vulnerability identifier: APSA10-02): http://www.adobe.com/support/security/advisories/apsa10-02.html
Secunia (Secunia Advisory SA41340): http://secunia.com/advisories/41340/
CVE (CVE number: CVE-2010-2883): http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2010-2883
Comments
Confirmation
Hello Lockdown Wizard,
You are correct! I can confirm that, with the latest definitions, Symantec does provide protection against exploits that take advantage of this vulnerability.
The write-up for has not yet been posted, but there is a listing for it visible on http://www.symantec.com/business/security_response/threatexplorer/index.jsp.
There are no corresponding IPS attack signatures possible for this threat.
Thanks and best regards,
Mick
With thanks and best regards,
Mick
Would you like to reply?
Login or Register to post your comment.