TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2010-2883

HIGHCISA KEV
7.3

Beschreibung

Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information.

CVE Details

CVSS v3.1 Bewertung7.3
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionREQUIRED
Veroffentlicht9/9/2010
Zuletzt geandert4/21/2026
Quellekev
Honeypot-Sichtungen0

CISA KEV

HerstellerAdobe
ProduktAcrobat and Reader
SchwachstellennameAdobe Acrobat and Reader Stack-Based Buffer Overflow Vulnerability
KEV Aufnahmedatum2022-06-08
Behebungsfrist2022-06-22
Ransomware-NutzungUnknown

Betroffene Produkte

adobe:acrobatadobe:acrobat_readerapple:macosmicrosoft:windows

Schwachen (CWE)

CWE-787CWE-787

Referenzen

http://blog.metasploit.com/2010/09/return-of-unpublished-adobe.html(psirt@adobe.com)
http://community.websense.com/blogs/securitylabs/archive/2010/09/10/brief-analysis-on-adobe-reader-sing-table-parsing-vulnerability-cve-2010-2883.aspx(psirt@adobe.com)
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html(psirt@adobe.com)
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html(psirt@adobe.com)
http://secunia.com/advisories/41340(psirt@adobe.com)
http://secunia.com/advisories/43025(psirt@adobe.com)
http://security.gentoo.org/glsa/glsa-201101-08.xml(psirt@adobe.com)
http://www.adobe.com/support/security/advisories/apsa10-02.html(psirt@adobe.com)
http://www.adobe.com/support/security/bulletins/apsb10-21.html(psirt@adobe.com)
http://www.kb.cert.org/vuls/id/491991(psirt@adobe.com)
http://www.redhat.com/support/errata/RHSA-2010-0743.html(psirt@adobe.com)
http://www.securityfocus.com/bid/43057(psirt@adobe.com)
http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt(psirt@adobe.com)
http://www.us-cert.gov/cas/techalerts/TA10-279A.html(psirt@adobe.com)
http://www.vupen.com/english/advisories/2010/2331(psirt@adobe.com)
http://www.vupen.com/english/advisories/2011/0191(psirt@adobe.com)
http://www.vupen.com/english/advisories/2011/0344(psirt@adobe.com)
https://exchange.xforce.ibmcloud.com/vulnerabilities/61635(psirt@adobe.com)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11586(psirt@adobe.com)
http://blog.metasploit.com/2010/09/return-of-unpublished-adobe.html(af854a3a-2127-422b-91ae-364da2661108)
http://community.websense.com/blogs/securitylabs/archive/2010/09/10/brief-analysis-on-adobe-reader-sing-table-parsing-vulnerability-cve-2010-2883.aspx(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/41340(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/43025(af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-201101-08.xml(af854a3a-2127-422b-91ae-364da2661108)
http://www.adobe.com/support/security/advisories/apsa10-02.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.adobe.com/support/security/bulletins/apsb10-21.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/491991(af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2010-0743.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/43057(af854a3a-2127-422b-91ae-364da2661108)
http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt(af854a3a-2127-422b-91ae-364da2661108)
http://www.us-cert.gov/cas/techalerts/TA10-279A.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2010/2331(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2011/0191(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2011/0344(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/61635(af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11586(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-2883(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.