9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.3 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
0.96 High
EPSS
Percentile
99.5%
Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information.
Recent assessments:
Assessed Attacker Value: 0
Assessed Attacker Value: 0Assessed Attacker Value: 0
blog.metasploit.com/2010/09/return-of-unpublished-adobe.html
community.websense.com/blogs/securitylabs/archive/2010/09/10/brief-analysis-on-adobe-reader-sing-table-parsing-vulnerability-cve-2010-2883.aspx
lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html
lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
secunia.com/advisories/41340
secunia.com/advisories/43025
security.gentoo.org/glsa/glsa-201101-08.xml
www.adobe.com/support/security/advisories/apsa10-02.html
www.adobe.com/support/security/bulletins/apsb10-21.html
www.kb.cert.org/vuls/id/491991
www.redhat.com/support/errata/RHSA-2010-0743.html
www.securityfocus.com/bid/43057
www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt
www.us-cert.gov/cas/techalerts/TA10-279A.html
www.vupen.com/english/advisories/2010/2331
www.vupen.com/english/advisories/2011/0191
www.vupen.com/english/advisories/2011/0344
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2883
exchange.xforce.ibmcloud.com/vulnerabilities/61635
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11586
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.3 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
0.96 High
EPSS
Percentile
99.5%