PDF malware targets 2012 Olympic Games fans

May 31, 2012


F-Secure, a Finnish security firm, has issued a warning on their weblog about a London 2012 Olympic Games themed competition schedule containing PDF malware which has come to their attention.

The PDF exploits CVE-2010-2883:

Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart Independent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010.

As we recently covered on Planet PDF, most security exploits of PDFs are able to thrive because of the large numbers of PDF users who have not yet upgraded to the latest versions of Adobe Reader and Adobe Acrobat, which contain fixes for these security exploits.

The exploit covered in CVE-2010-2883 has been patched in the latest versions of Adobe Acrobat and Adobe Reader, available from the Adobe website.

PDF In-Depth Free Product Trials Ubiquitous PDF

Debenu Quick PDF Library

Get products to market faster with this amazing PDF developer SDK. Over 900 functions and an equally...

Download free demo

Five visions of a PDF Day

In the world of PDFs or as we like to say Planet (of) PDF, a year isn't a real PDF year without an intense few days of industry knowledge sharing.

May 15, 2018
Platinum Sponsor

Search Planet PDF
more searching options...
Planet PDF Newsletter
Most Popular Articles
Featured Product

Debenu PDF Aerialist

The ultimate plug-in for Adobe Acrobat. Advanced splitting, merging, stamping, bookmarking, and link control. Take Acrobat to the next level.


Adding a PDF Stamp Comment

OK, so you want to stamp your document. Maybe you need to give reviewers some advice about the document's status or sensitivity. This tip from author Ted Padova demonstrates how to add stamps with the Stamp Tool along with related comments.