← Back

CVE-2010-2883

nvd nist
Published: Sep 9, 2010Modified: Apr 21, 2026CISA KEV

JSON object

Loading...
7.3
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.3 / Impact: 5.9
Source: NVD

Description

Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information.

Affected (4)

Adobe
2 products
Acrobat
Acrobat Reader
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Adobe
Acrobat
From 8.0 to 8.2.5
Acrobat
From 9.0 to 9.4
Configuration B
2 vulnerable · 2 platform
Vulnerable SoftwareAffected Versions
Adobe
Acrobat Reader
From 8.0 to 8.2.5
Acrobat Reader
From 9.0 to 9.4
Running on/withPlatform Versions
Apple
Macos
All versions
Microsoft
Windows
All versions

Related CWEs

CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

References (39)

Source: psirt@adobe.com
Broken Link
Source: psirt@adobe.com
Broken Link
Source: psirt@adobe.com
Broken Link
Source: psirt@adobe.com
Broken Link
Source: psirt@adobe.com
Broken LinkVendor Advisory
Source: psirt@adobe.com
Broken LinkVendor Advisory
Source: psirt@adobe.com
Third Party Advisory
Source: psirt@adobe.com
Vendor Advisory
Source: psirt@adobe.com
Vendor Advisory
Source: psirt@adobe.com
Third Party AdvisoryUS Government Resource
Source: psirt@adobe.com
Broken Link
Source: psirt@adobe.com
Broken LinkThird Party AdvisoryVDB Entry
Source: psirt@adobe.com
Broken Link
Source: psirt@adobe.com
Third Party AdvisoryUS Government Resource
Source: psirt@adobe.com
Broken LinkVendor Advisory
Source: psirt@adobe.com
Broken LinkVendor Advisory
Source: psirt@adobe.com
Broken LinkVendor Advisory
Source: psirt@adobe.com
Third Party AdvisoryVDB Entry
Source: psirt@adobe.com
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
US Government Resource

Timeline

No history available yet.