High severity7.3CISA KEVNVD Advisory· Published Sep 9, 2010· Updated Jun 16, 2026
CVE-2010-2883
CVE-2010-2883
Description
Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*range: >=8.0,<8.2.5
- cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*range: >=8.0,<8.2.5
- (no CPE)range: >=8.0 <8.2.5 on Windows and Mac OS X, >=9.0 <9.4
- Range: >=8.0 <8.2.5 on Windows and Mac OS X, >=9.0 <9.4
Patches
Vulnerability mechanics
References
20- secunia.com/advisories/41340nvdBroken LinkVendor Advisory
- secunia.com/advisories/43025nvdBroken LinkVendor Advisory
- security.gentoo.org/glsa/glsa-201101-08.xmlnvdThird Party Advisory
- www.adobe.com/support/security/advisories/apsa10-02.htmlnvdVendor Advisory
- www.adobe.com/support/security/bulletins/apsb10-21.htmlnvdVendor Advisory
- www.kb.cert.org/vuls/id/491991nvdThird Party AdvisoryUS Government Resource
- www.securityfocus.com/bid/43057nvdBroken LinkThird Party AdvisoryVDB Entry
- www.us-cert.gov/cas/techalerts/TA10-279A.htmlnvdThird Party AdvisoryUS Government Resource
- www.vupen.com/english/advisories/2010/2331nvdBroken LinkVendor Advisory
- www.vupen.com/english/advisories/2011/0191nvdBroken LinkVendor Advisory
- www.vupen.com/english/advisories/2011/0344nvdBroken LinkVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/61635nvdThird Party AdvisoryVDB Entry
- blog.metasploit.com/2010/09/return-of-unpublished-adobe.htmlnvdBroken Link
- community.websense.com/blogs/securitylabs/archive/2010/09/10/brief-analysis-on-adobe-reader-sing-table-parsing-vulnerability-cve-2010-2883.aspxnvdBroken Link
- lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.htmlnvdBroken Link
- lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.htmlnvdBroken Link
- www.redhat.com/support/errata/RHSA-2010-0743.htmlnvdBroken Link
- www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txtnvdBroken Link
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11586nvdBroken Link
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
0No linked articles in our index yet.