CVE-2010-2883 Stack-based buffer overflow in CoolType.dll in Adobe Reader and
Acrobat 9.3.4 and earlier allows remote attackers to execute arbitrary
code or cause a denial of service (application crash) via a PDF
document with a long field in a Smart INdependent Glyphlets (SING)
table in a TTF font, as exploited in the wild in September 2010.
NOTE: some of these details are obtained from third party information.
Download ac4a484bb27e08433f822d4120291be4 UNICRI-Agenda-2010.pdf as a password protected archive (contact me if you need the password)From: Cook Henry [mailto:henry.b.cook@gmail.com]
Sent: Tuesday, September 21, 2010 2:46 PM
To: XXXXXXXXXX
Subject: Agenda of the United Nations Criminal Justice Events in October 2010
sir,
In case this is useful for you.
UNICRI-Agenda-2010.pdf
http://www.virustotal.com/file-scan/report.html?id=b058fcc16446464c0aa94edabbc98cfd87d5d2ac2f9e3009b11a3aff96ed53b7-1286451255
13/ 43 (30.2%)
AntiVir 7.10.12.146 2010.10.07 HTML/Malicious.PDF.Gen
Avast 4.8.1351.0 2010.10.07 PDF:CVE-2010-2883
Avast5 5.0.594.0 2010.10.07 PDF:CVE-2010-2883
AVG 9.0.0.851 2010.10.07 Exploit_c.KLX
BitDefender 7.2 2010.10.07 Exploit.PDF-TTF.Gen
Emsisoft 5.0.0.50 2010.10.07 Exploit.Win32.CVE-2010-2883.a!A2
F-Secure 9.0.15370.0 2010.10.07 Exploit.PDF-TTF.Gen
Fortinet 4.2.249.0 2010.10.07 PDF/CoolType!exploit.CVE20102883
GData 21 2010.10.07 Exploit.PDF-TTF.Gen
Kaspersky 7.0.0.125 2010.10.07 Exploit.Win32.CVE-2010-2883.a
Microsoft 1.6201 2010.10.07 Exploit:Win32/CVE-2010-2883.A
PCTools 7.0.3.5 2010.10.07 HeurEngine.MaliciousExploit
Symantec 20101.2.0.161 2010.10.07 Bloodhound.Exploit.357
Additional information
MD5 : ac4a484bb27e08433f822d4120291be4
No comments:
Post a Comment