Описание
Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information.
Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2010-2883
- https://exchange.xforce.ibmcloud.com/vulnerabilities/61635
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11586
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-2883
- http://blog.metasploit.com/2010/09/return-of-unpublished-adobe.html
- http://community.websense.com/blogs/securitylabs/archive/2010/09/10/brief-analysis-on-adobe-reader-sing-table-parsing-vulnerability-cve-2010-2883.aspx
- http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
- http://secunia.com/advisories/41340
- http://secunia.com/advisories/43025
- http://security.gentoo.org/glsa/glsa-201101-08.xml
- http://www.adobe.com/support/security/advisories/apsa10-02.html
- http://www.adobe.com/support/security/bulletins/apsb10-21.html
- http://www.kb.cert.org/vuls/id/491991
- http://www.redhat.com/support/errata/RHSA-2010-0743.html
- http://www.securityfocus.com/bid/43057
- http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt
- http://www.us-cert.gov/cas/techalerts/TA10-279A.html
- http://www.vupen.com/english/advisories/2010/2331
- http://www.vupen.com/english/advisories/2011/0191
- http://www.vupen.com/english/advisories/2011/0344
Связанные уязвимости
Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information.
Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information.
Уязвимость программы для просмотра текста Adobe Reader, связанная с чтением данных за границами буфера в памяти, позволяющая нарушителю выполнить произвольный код