⚠ Actively exploited
Added to CISA KEV on 2022-06-08. Federal agencies required to patch by 2022-06-22. Required action: Apply updates per vendor instructions..

CVE-2010-2883Out-of-bounds Write in Adobe Acrobat

CWE-787Out-of-bounds WriteCWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-121Stack-based Buffer Overflow24 documents12 sources
Severity
7.3HIGHNVD
EPSS
93.2%
top 0.20%
CISA KEV
KEV
Added 2022-06-08
Due 2022-06-22
Exploit
Exploited in wild
Active exploitation observed
Affected products
2
Adobe AcrobatAdobe Acrobat Reader
Timeline
PublishedSep 9
KEV addedJun 8
KEV dueJun 22
Latest updateFeb 12
CISA Required Action: Apply updates per vendor instructions.

Description

Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 1.3 | Impact: 5.9

Affected Packages2 packages

NVDadobe/acrobat_reader8.08.2.5+1
NVDadobe/acrobat8.08.2.5+1

🔴Vulnerability Details

2
GHSA
GHSA-m6wc-h767-27c3: Stack-based buffer overflow in CoolType2022-05-14
VulnCheck
Adobe Acrobat and Reader Stack-Based Buffer Overflow Vulnerability2010

💥Exploits & PoCs

3
Exploit-DB
Adobe CoolType - SING Table 'uniqueName' Local Stack Buffer Overflow (Metasploit) (2)2010-09-25
Exploit-DB
Adobe CoolType - SING Table 'uniqueName' Remote Stack Buffer Overflow (Metasploit) (1)2010-09-20
Metasploit
Adobe CoolType SING Table "uniqueName" Stack Buffer Overflow

📋Vendor Advisories

2
CISA
Adobe Acrobat and Reader Stack-Based Buffer Overflow Vulnerability2022-06-08
Red Hat
Acroread: Stack-based buffer overflow by processing certain fonts (APSA10-02)2010-09-08

🕵️Threat Intelligence

12
Trendmicro
Backdoor-Variante infiziert Word-Dokumente und PDFs2019-08-26
Trendmicro
Asruex Backdoor Infects Files Via Old Vulnerabilities2019-08-22
Trendmicro
Asruex Backdoor Infects Files Via Old Vulnerabilities2019-08-22
Trendmicro
Asruex Backdoor Infects Files Via Old Vulnerabilities2019-08-22
Trendmicro
Asruex Backdoor Infects Files Via Old Vulnerabilities2019-08-22

📄Research Papers

2
arXiv
Investigation of Advanced Persistent Threats Network-based Tactics, Techniques and Procedures2025-02-12
arXiv
Unsupervised Anomaly-based Malware Detection using Hardware Features2014-03-28

💬Community

2
Bugzilla
acroread: multiple code execution flaws (APSB10-21)2010-10-04
Bugzilla
CVE-2010-2883 Acroread: Stack-based buffer overflow by processing certain fonts (APSA10-02)2010-09-09
CVE-2010-2883 — Out-of-bounds Write in Adobe Acrobat | cvebase