PT-2010-1173 · Adobe · Reader

Jared Allar · Published 2010-09-09 · Updated 2026-02-23 · CVE-2010-2883

CVSS v2.0: 9.3 (High)

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Adobe Reader versions 8.x through 8.2.5
Adobe Reader versions 9.x through 9.3

Description

The issue is related to a stack-based buffer overflow in CoolType.dll, allowing remote attackers to execute arbitrary code or cause a denial of service via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font. This issue has been exploited in the wild.

Recommendations

For Adobe Reader versions 8.x through 8.2.5, update to version 8.2.5 or later to resolve the issue. For Adobe Reader versions 9.x through 9.3, update to version 9.4 or later to resolve the issue. As a temporary workaround, consider avoiding the use of PDF documents with long fields in SING tables in TTF fonts until the issue is resolved.

Exploit

Fix

Stack Overflow

Memory Corruption

Weakness Enumeration

Related Identifiers

BDU:2022-03556
CVE-2010-2883
RHSA-2010:0743

Affected Products

Reader