9.3

CVE-2010-2883

Warning

Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information.

Data provided by the National Vulnerability Database (NVD)

Adobe Acrobat, version >= 8.0 < 8.2.5
   Apple macOS, version -
   Microsoft Windows, version -
Adobe Acrobat, version >= 9.0 < 9.4
   Apple macOS, version -
   Microsoft Windows, version -
Adobe Acrobat Reader, version >= 8.0 < 8.2.5
   Apple macOS, version -
   Microsoft Windows, version -
Adobe Acrobat Reader, version >= 9.0 < 9.4
   Apple macOS, version -
   Microsoft Windows, version -

8 June 2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Vulnerability: Adobe Acrobat and Reader Stack-Based Buffer Overflow Vulnerability

Description: Adobe Acrobat and Reader contain a stack-based buffer overflow vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).

Required action: Apply updates per vendor instructions.

EPSS metrics

Type  Source     Score  Percentile
EPSS  FIRST.org  93%    0.998

CVSS metrics

Source                                Base score  Exploit score  Impact score  Vector string
nvd@nist.gov                          7.3         1.3            5.9           CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov                          9.3         8.6            10            AV:N/AC:M/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0  7.3         1.3            5.9           CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

http://secunia.com/advisories/41340 (Vendor Advisory, Broken Link)
http://secunia.com/advisories/43025 (Vendor Advisory, Broken Link)
http://www.kb.cert.org/vuls/id/491991 (Third Party Advisory, US Government Resource)
http://www.securityfocus.com/bid/43057 (Third Party Advisory, Broken Link, VDB Entry)
http://www.us-cert.gov/cas/techalerts/TA10-279A.html (Third Party Advisory, US Government Resource)