Wednesday, September 8, 2010

MSF Exploit - Adobe CoolType SING Table "uniqueName" Stack Buffer Overflow

This module exploits a vulnerability in the Smart INdependent Glyplets (SING) table handling within versions 8.2.4 and 9.3.4 of Adobe Reader. Prior version are assumed to be vulnerable as well.


Return of the Unpublished Adobe Vulnerability


Security Advisory for Adobe Reader and Acrobat

A critical vulnerability exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2883) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild.

Adobe is in the process of evaluating the schedule for an update to resolve this vulnerability.

No comments:

Post a Comment