Tuesday, September 21, 2010

Sep 21 CVE-2010-2883 PDF Agenda of the United Nations Criminal Justice Events in October 2010

CVE-2010-2883 Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.3.4 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information. 


Download  ac4a484bb27e08433f822d4120291be4 UNICRI-Agenda-2010.pdf as a password protected archive (contact me if you need the password)


From: Cook Henry [mailto:henry.b.cook@gmail.com]
Sent: Tuesday, September 21, 2010 2:46 PM
To: XXXXXXXXXX
Subject: Agenda of the United Nations Criminal Justice Events in October 2010

 sir,
   In case this is useful for you.


File name:
UNICRI-Agenda-2010.pdf
http://www.virustotal.com/file-scan/report.html?id=b058fcc16446464c0aa94edabbc98cfd87d5d2ac2f9e3009b11a3aff96ed53b7-1286451255
13/ 43 (30.2%)
AntiVir    7.10.12.146    2010.10.07    HTML/Malicious.PDF.Gen
Avast    4.8.1351.0    2010.10.07    PDF:CVE-2010-2883
Avast5    5.0.594.0    2010.10.07    PDF:CVE-2010-2883
AVG    9.0.0.851    2010.10.07    Exploit_c.KLX
BitDefender    7.2    2010.10.07    Exploit.PDF-TTF.Gen
Emsisoft    5.0.0.50    2010.10.07    Exploit.Win32.CVE-2010-2883.a!A2
F-Secure    9.0.15370.0    2010.10.07    Exploit.PDF-TTF.Gen
Fortinet    4.2.249.0    2010.10.07    PDF/CoolType!exploit.CVE20102883
GData    21    2010.10.07    Exploit.PDF-TTF.Gen
Kaspersky    7.0.0.125    2010.10.07    Exploit.Win32.CVE-2010-2883.a
Microsoft    1.6201    2010.10.07    Exploit:Win32/CVE-2010-2883.A
PCTools    7.0.3.5    2010.10.07    HeurEngine.MaliciousExploit
Symantec    20101.2.0.161    2010.10.07    Bloodhound.Exploit.357
Additional information
MD5   : ac4a484bb27e08433f822d4120291be4

No comments:

Post a Comment