|
|
|||
| Rule General Information |
|---|
| Release Date: | 2013-03-06 | |
| Rule Name: | Adobe Acrobat and Reader Font Parsing Integer Overflow Vulnerability -2 (CVE-2010-2862) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and Acrobat 9.3.3, allows remote attackers to execute arbitrary code via a TrueType font with a large maxCompositePoints value in a Maximum Profile (maxp) table. | |
| Impact: | An attacker can exploit the affected software with a integer overflow vulnerability. Successful exploit leads to execute arbitrary code, and failed exploit may disturb the software logic and cause denial of service. | |
| Affected OS: | Windows | |
| Reference: | http://www.zdnet.co.uk/news/security-threats/2010/08/04/adobe-confirms-pdf-security-hole-in-reader-40089737/ |
|
| Solutions |
|---|
| More advisories have been published on the website, please visit for more suggestions: http://www.adobe.com/support/security/bulletins/apsb10-17.html |