1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: HTTP Adobe Acrobat CVE-2010-0188 2

Web Attack: HTTP Adobe Acrobat CVE-2010-0188 2

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature will detect attempts to exploit a remote code execution vulnerability in Adobe Acrobat.

Additional Information

Adobe Reader and Acrobat are applications for handling PDF files.

Adobe Acrobat and Reader are prone to an unspecified remote code-execution vulnerability.

Technical details are currently unavailable. We will update this BID as soon as more information emerges.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

The following products are affected:

Reader 9.3 for Windows, Macintosh, and UNIX
Acrobat 9.3 for Windows and Macintosh
Reader 8.2 for Windows and Macintosh
Acrobat 8.2 for Windows and Macintosh

NOTE: This BID was originally titled 'Adobe Acrobat and Reader APSB10-07 Unspecified Security Vulnerabilities' but has been updated with the release of the Adobe patches.

NOTE (February 19, 2010): Reports indicate that this issue may be related to the vulnerability discussed in BID 19283 (LibTIFF TiffFetchShortPair Remote Buffer Overflow Vulnerability). We will update this BID as more information emerges.

Affected

  • Adobe Acrobat

Response

Updates are available. Please see the references for details.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube