CVE-2010-2862
published 2010-08-05


Priority: P273
Severity: critical, 9.3 (CVSS 2.0)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Exploitation tags: ITW, EXPLOIT, VulnCheck KEV (exploited in the wild)
EPSS: 16.30% (96.6th percentile)
Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and Acrobat 9.3.3, allows remote attackers to execute arbitrary code via a TrueType font with a large maxCompositePoints value in a Maximum Profile (maxp) table.

Affected (3 ranges)

Vendor   Product          Version range   Fixed in
adobe    acrobat          9.3.3           (not listed on this page)
adobe    acrobat_reader   8.2.3           (not listed on this page)
adobe    acrobat_reader   9.3.3           (not listed on this page)

Version ranges are taken from the CVE description above; the page does not list the fixed versions.

Detection & IOCs (extracted from sources)

filename: CoolType.dll
url: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/14642.tgz (Exploit-DB bin-sploits archive 14642)
  • Look for TrueType font files embedded in PDF documents containing an abnormally large maxCompositePoints value in the Maximum Profile (maxp) table, which triggers an integer overflow in CoolType.dll.
  • The vulnerability is in CoolType.dll; monitor process memory or crash telemetry involving this DLL when processing PDF files with embedded TrueType fonts.
  • The Tenable blog post misattributes CVE-2010-2862 to Adobe ColdFusion 'directory traversal'; the actual CVE describes an integer overflow in Adobe Reader/Acrobat CoolType.dll. Treat any tooling or signatures referencing this CVE in a ColdFusion context as mislabeled.
  • CVE-2010-1240 was reused in APSB10-17 for an incomplete fix rather than being assigned a new CVE; detections tied to CVE-2010-1240 in this bulletin context may overlap with or be confused with CVE-2010-2862 coverage.
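The first detection bullet describes a static check: pull TrueType fonts out of a PDF, walk the sfnt table directory to the maxp table, and read maxCompositePoints. The script below is an added example written for this page, not code from Adobe, Exploit-DB, or any of the cited sources. It handles only raw and FlateDecode streams (the common case for /FontFile2), treats the v0.5 maxp table (which has no maxCompositePoints field) as a non-finding rather than an error, and uses a heuristic cutoff of 0x2000 for "abnormally large", which is an assumption to tune, not a value taken from the advisory. The PDF and font it scans are constructed inline as test input.

```python
import re
import struct
import zlib

# Heuristic cutoff for maxCompositePoints (assumption, tune to your environment):
# the field is a uint16, so a value near its 65535 ceiling is not a real font.
SUSPICIOUS_MAX_COMPOSITE_POINTS = 0x2000

SFNT_MAGICS = (b"\x00\x01\x00\x00", b"true", b"OTTO")
MAXP_V05 = 0x00005000  # CFF-flavoured maxp: version + numGlyphs only
MAXP_V10 = 0x00010000  # TrueType maxp: 32 bytes, maxCompositePoints at offset 10

STREAM_RE = re.compile(rb"stream\r?\n(.*?)\r?\nendstream", re.DOTALL)


def parse_maxp(font: bytes):
    """Walk the sfnt table directory at the start of `font` and return
    (maxp_version, maxCompositePoints); the latter is None for a v0.5 table."""
    if len(font) < 12 or font[:4] not in SFNT_MAGICS:
        raise ValueError("not an sfnt-wrapped font")
    num_tables = struct.unpack_from(">H", font, 4)[0]
    for i in range(num_tables):
        rec = 12 + 16 * i
        if rec + 16 > len(font):
            raise ValueError("truncated table directory")
        tag, _checksum, offset, length = struct.unpack_from(">4sIII", font, rec)
        if tag != b"maxp":
            continue
        if length < 6 or offset + 6 > len(font):
            raise ValueError("truncated maxp table")
        version = struct.unpack_from(">I", font, offset)[0]
        if version == MAXP_V05:
            return version, None
        if version == MAXP_V10 and length >= 32 and offset + 32 <= len(font):
            return version, struct.unpack_from(">H", font, offset + 10)[0]
        raise ValueError("malformed maxp table (version 0x%08x, length %d)" % (version, length))
    raise ValueError("no maxp table")


def find_sfnt_offsets(blob: bytes):
    """Yield offsets of plausible sfnt headers inside an arbitrary byte blob."""
    for magic in SFNT_MAGICS:
        start = 0
        while (pos := blob.find(magic, start)) != -1:
            start = pos + 1
            if pos + 12 > len(blob):
                continue
            num_tables = struct.unpack_from(">H", blob, pos + 4)[0]
            if 1 <= num_tables <= 64 and pos + 12 + 16 * num_tables <= len(blob):
                yield pos


def scan_pdf(pdf: bytes, threshold: int = SUSPICIOUS_MAX_COMPOSITE_POINTS):
    """Inflate every stream that is zlib-compressed, locate embedded TrueType
    fonts, and report each font's maxp.maxCompositePoints against `threshold`."""
    findings = []
    for stream_idx, m in enumerate(STREAM_RE.finditer(pdf)):
        raw = m.group(1)
        try:
            data = zlib.decompress(raw)
        except zlib.error:
            data = raw  # uncompressed, or a filter this example does not handle
        for off in find_sfnt_offsets(data):
            try:
                version, mcp = parse_maxp(data[off:])
            except ValueError:
                continue  # magic bytes that are not a well-formed font
            findings.append({
                "stream": stream_idx,
                "font_offset": off,
                "maxp_version": version,
                "maxCompositePoints": mcp,
                "suspicious": mcp is not None and mcp >= threshold,
            })
    return findings


def build_font(max_composite_points: int) -> bytes:
    """Constructed test input: a minimal sfnt container holding one v1.0 maxp
    table (numGlyphs=1, maxPoints=10, maxContours=2, remaining fields zero)."""
    maxp = struct.pack(">I" + "H" * 14, MAXP_V10, 1, 10, 2, max_composite_points, *([0] * 10))
    header = struct.pack(">4sHHHH", b"\x00\x01\x00\x00", 1, 16, 0, 0)
    record = struct.pack(">4sIII", b"maxp", 0, 12 + 16, len(maxp))
    return header + record + maxp


def build_pdf(font: bytes) -> bytes:
    """Constructed test input: a one-object PDF skeleton with a FlateDecode
    /FontFile2-style stream carrying `font`."""
    body = zlib.compress(font)
    return (b"%PDF-1.4\n5 0 obj\n<< /Length " + str(len(body)).encode()
            + b" /Filter /FlateDecode /Length1 " + str(len(font)).encode()
            + b" >>\nstream\n" + body + b"\nendstream\nendobj\n%%EOF\n")


if __name__ == "__main__":
    for label, mcp in (("benign", 64), ("hostile", 0xFFFF)):
        for f in scan_pdf(build_pdf(build_font(mcp))):
            print(label, f)
```

For production use, replace the regex-and-zlib stream walk with a real PDF parser (object streams, LZW/ASCIIHex filters, and incremental updates all hide fonts from this approach); the maxp parsing itself does not change.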

CVSS provenance

Source          Version  Score  Severity  Vector
nvd             2.0      9.3    CRITICAL  AV:N/AC:M/Au:N/C:C/I:C/A:C
vulncheck                9.3    CRITICAL
vendor_redhat            9.3    CRITICAL