Main Vulnerability Database Exploits ID:1651 - Exploit for Stack-based buffer overflow in Adobe Reader and Adobe Acrobat - CVE-2010-2883

ID:1651 - Exploit for Stack-based buffer overflow in Adobe Reader and Adobe Acrobat - CVE-2010-2883

Published: March 18, 2020

Vulnerability identifier: #VU3482

Vulnerability risk: Critical

CVE-ID: CVE-2010-2883

CWE-ID: CWE-119

Exploitation vector: Remote access

Vulnerable software:
Adobe Reader
Adobe Acrobat

Link to public exploit:

https://www.rapid7.com/db/modules/exploit/windows/fileformat/adobe_cooltype_sing

Vulnerability description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when handling specially crafted fonts within PDF document. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, cause stack-based buffer overflow and execute arbitrary code on vulnerable system.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Note: this vulnerability is being actively exploited.

Remediation

Install the latest version from vendor's website. The vulnerability is fixed in Adobe Reader and Acrobat 9.4 and 8.2.5.

ID:1651 - Exploit for Stack-based buffer overflow in Adobe Reader and Adobe Acrobat - CVE-2010-2883

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human