ByteOS Network

CVE Vulnerability Details :

CVE-2010-2883

PUBLISHED

More Info Official Page

Assigner-adobe

Assigner Org ID-078d4453-3bcd-4900-85e6-15281da43538

View Known Exploited Vulnerability (KEV) details

Published At-09 Sep, 2010 | 21:00

Updated At-22 Oct, 2025 | 00:05

▼CVE Numbering Authority (CNA)

Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information.

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html	vendor-advisory x_refsource_SUSE
http://www.vupen.com/english/advisories/2011/0191	vdb-entry x_refsource_VUPEN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11586	vdb-entry signature x_refsource_OVAL
http://www.adobe.com/support/security/advisories/apsa10-02.html	x_refsource_CONFIRM
http://secunia.com/advisories/43025	third-party-advisory x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2011/0344	vdb-entry x_refsource_VUPEN
http://security.gentoo.org/glsa/glsa-201101-08.xml	vendor-advisory x_refsource_GENTOO
http://www.vupen.com/english/advisories/2010/2331	vdb-entry x_refsource_VUPEN
http://www.kb.cert.org/vuls/id/491991	third-party-advisory x_refsource_CERT-VN
http://www.redhat.com/support/errata/RHSA-2010-0743.html	vendor-advisory x_refsource_REDHAT
http://www.adobe.com/support/security/bulletins/apsb10-21.html	x_refsource_CONFIRM
http://www.us-cert.gov/cas/techalerts/TA10-279A.html	third-party-advisory x_refsource_CERT
http://secunia.com/advisories/41340	third-party-advisory x_refsource_SECUNIA
http://community.websense.com/blogs/securitylabs/archive/2010/09/10/brief-analysis-on-adobe-reader-sing-table-parsing-vulnerability-cve-2010-2883.aspx	x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/61635	vdb-entry x_refsource_XF
http://blog.metasploit.com/2010/09/return-of-unpublished-adobe.html	x_refsource_MISC
http://www.securityfocus.com/bid/43057	vdb-entry x_refsource_BID
http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt	vendor-advisory x_refsource_TURBO
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html	vendor-advisory x_refsource_SUSE

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html

Resource:

vendor-advisory

x_refsource_SUSE

Hyperlink: http://www.vupen.com/english/advisories/2011/0191

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11586

Resource:

vdb-entry

signature

x_refsource_OVAL

Hyperlink: http://www.adobe.com/support/security/advisories/apsa10-02.html

Resource:

x_refsource_CONFIRM

Hyperlink: http://secunia.com/advisories/43025

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.vupen.com/english/advisories/2011/0344

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://security.gentoo.org/glsa/glsa-201101-08.xml

Resource:

vendor-advisory

x_refsource_GENTOO

Hyperlink: http://www.vupen.com/english/advisories/2010/2331

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://www.kb.cert.org/vuls/id/491991

Resource:

third-party-advisory

x_refsource_CERT-VN

Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0743.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://www.adobe.com/support/security/bulletins/apsb10-21.html

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.us-cert.gov/cas/techalerts/TA10-279A.html

Resource:

third-party-advisory

x_refsource_CERT

Hyperlink: http://secunia.com/advisories/41340

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://community.websense.com/blogs/securitylabs/archive/2010/09/10/brief-analysis-on-adobe-reader-sing-table-parsing-vulnerability-cve-2010-2883.aspx

Resource:

x_refsource_MISC

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/61635

Resource:

vdb-entry

x_refsource_XF

Hyperlink: http://blog.metasploit.com/2010/09/return-of-unpublished-adobe.html

Resource:

x_refsource_MISC

Hyperlink: http://www.securityfocus.com/bid/43057

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt

Resource:

vendor-advisory

x_refsource_TURBO

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html

Resource:

vendor-advisory

x_refsource_SUSE

▼Authorized Data Publishers (ADP)

1. CVE Program Container

References

Hyperlink	Resource
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html	vendor-advisory x_refsource_SUSE x_transferred
http://www.vupen.com/english/advisories/2011/0191	vdb-entry x_refsource_VUPEN x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11586	vdb-entry signature x_refsource_OVAL x_transferred
http://www.adobe.com/support/security/advisories/apsa10-02.html	x_refsource_CONFIRM x_transferred
http://secunia.com/advisories/43025	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.vupen.com/english/advisories/2011/0344	vdb-entry x_refsource_VUPEN x_transferred
http://security.gentoo.org/glsa/glsa-201101-08.xml	vendor-advisory x_refsource_GENTOO x_transferred
http://www.vupen.com/english/advisories/2010/2331	vdb-entry x_refsource_VUPEN x_transferred
http://www.kb.cert.org/vuls/id/491991	third-party-advisory x_refsource_CERT-VN x_transferred
http://www.redhat.com/support/errata/RHSA-2010-0743.html	vendor-advisory x_refsource_REDHAT x_transferred
http://www.adobe.com/support/security/bulletins/apsb10-21.html	x_refsource_CONFIRM x_transferred
http://www.us-cert.gov/cas/techalerts/TA10-279A.html	third-party-advisory x_refsource_CERT x_transferred
http://secunia.com/advisories/41340	third-party-advisory x_refsource_SECUNIA x_transferred
http://community.websense.com/blogs/securitylabs/archive/2010/09/10/brief-analysis-on-adobe-reader-sing-table-parsing-vulnerability-cve-2010-2883.aspx	x_refsource_MISC x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/61635	vdb-entry x_refsource_XF x_transferred
http://blog.metasploit.com/2010/09/return-of-unpublished-adobe.html	x_refsource_MISC x_transferred
http://www.securityfocus.com/bid/43057	vdb-entry x_refsource_BID x_transferred
http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt	vendor-advisory x_refsource_TURBO x_transferred
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html	vendor-advisory x_refsource_SUSE x_transferred

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2011/0191

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11586

Resource:

vdb-entry

signature

x_refsource_OVAL

x_transferred

Hyperlink: http://www.adobe.com/support/security/advisories/apsa10-02.html

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://secunia.com/advisories/43025

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2011/0344

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://security.gentoo.org/glsa/glsa-201101-08.xml

Resource:

vendor-advisory

x_refsource_GENTOO

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2010/2331

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://www.kb.cert.org/vuls/id/491991

Resource:

third-party-advisory

x_refsource_CERT-VN

x_transferred

Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0743.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: http://www.adobe.com/support/security/bulletins/apsb10-21.html

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.us-cert.gov/cas/techalerts/TA10-279A.html

Resource:

third-party-advisory

x_refsource_CERT

x_transferred

Hyperlink: http://secunia.com/advisories/41340

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://community.websense.com/blogs/securitylabs/archive/2010/09/10/brief-analysis-on-adobe-reader-sing-table-parsing-vulnerability-cve-2010-2883.aspx

Resource:

x_refsource_MISC

x_transferred

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/61635

Resource:

vdb-entry

x_refsource_XF

x_transferred

Hyperlink: http://blog.metasploit.com/2010/09/return-of-unpublished-adobe.html

Resource:

x_refsource_MISC

x_transferred

Hyperlink: http://www.securityfocus.com/bid/43057

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt

Resource:

vendor-advisory

x_refsource_TURBO

x_transferred

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

2. CISA ADP Vulnrichment

Problem Types

Type	CWE ID	Description
CWE	CWE-787	CWE-787 Out-of-bounds Write

Type: CWE

CWE ID: CWE-787

Description: CWE-787 Out-of-bounds Write

Metrics

Version	Base score	Base severity	Vector
3.1	7.3	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Version: 3.1

Base score: 7.3

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Metrics Other Info

kev

dateAdded:

2022-06-08

reference:

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-2883

Timeline

Event	Date
CVE-2010-2883 added to CISA KEV	2022-06-08 00:00:00

Event: CVE-2010-2883 added to CISA KEV

Date: 2022-06-08 00:00:00

References

Hyperlink	Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-2883	government-resource

Hyperlink: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-2883

Resource:

government-resource

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References