1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: Adobe Reader TTF File CVE-2010-2883

Attack: Adobe Reader TTF File CVE-2010-2883

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature will detect attempts to exploit a remote code execution vulnerability in Adobe Reader.

Additional Information

Adobe Reader is an application for handling PDF files.

Adobe Reader is prone to a remote code-execution vulnerability. Specifically, the issue occurs due to a heap-memory corruption issue in 'cooltype.dll' when handling PDF files containing malformed TTF fonts.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

Adobe Reader 9.3.4 is vulnerable; other versions may also be affected.

Affected

  • Various

Response

Currently we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube