Adobe Acrobat And Reader SING 'uniqueName' Buffer Overflow Vulnerability (Linux) Network Vulnerability

Summary

This host is installed with Adobe Reader and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will let attackers to crash an affected application or execute arbitrary code by tricking a user into opening a specially crafted PDF document. Impact Level: Application

Solution

Upgrade to Adobe Reader version 9.4, For updates refer to http://www.adobe.com

Insight

The flaw is due to a boundary error within 'CoolType.dll' when processing the 'uniqueName' entry of SING tables in fonts.

Affected

Adobe Reader version 9.3.4 and prior.

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://blog.metasploit.com/2010/09/return-of-unpublished-adobe.html
http://secunia.com/advisories/41340
http://www.adobe.com/support/security/advisories/apsa10-02.html
http://www.osvdb.com/67849

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-2883

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Apple QuickTime Multiple Vulnerabilities - Sep09
Adobe Reader/Acrobat Multimedia Doc.media.newPlayer Code Execution Vulnerability (Win)
ChaSen Buffer Overflow Vulnerability (Windows)
Adobe Flash Player Buffer Overflow Vulnerability (Mac OS X)
Apple QuickTime Multiple Buffer Overflow Vulnerabilities (Windows)

Adobe Acrobat and Reader SING 'uniqueName' Buffer Overflow Vulnerability (Linux)

Take action and discover your vulnerabilities