News

PDF malware targets 2012 Olympic Games fans

May 31, 2012

Advertisement
Advertisement
 

F-Secure, a Finnish security firm, has issued a warning on their weblog about a London 2012 Olympic Games themed competition schedule containing PDF malware which has come to their attention.

The PDF exploits CVE-2010-2883:

Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart Independent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010.

As we recently covered on Planet PDF, most security exploits of PDFs are able to thrive because of the large numbers of PDF users who have not yet upgraded to the latest versions of Adobe Reader and Adobe Acrobat, which contain fixes for these security exploits.

The exploit covered in CVE-2010-2883 has been patched in the latest versions of Adobe Acrobat and Adobe Reader, available from the Adobe website.

PDF In-Depth Free Product Trials Ubiquitous PDF

Debenu Quick PDF Library

Get products to market faster with this amazing PDF developer SDK. Over 900 functions and an equally...

Download free demo

Back to the past, 15 years ago! Open Publish 2002

Looking back to 2002, it's amazing how much of the prediction became a reality. Take a read and see what you think!

September 14, 2017
Platinum Sponsor





Search Planet PDF
more searching options...
Planet PDF Newsletter
Most Popular Articles
Featured Product

Debenu PDF Aerialist

The ultimate plug-in for Adobe Acrobat. Advanced splitting, merging, stamping, bookmarking, and link control. Take Acrobat to the next level.

Features

Adding a PDF Stamp Comment

OK, so you want to stamp your document. Maybe you need to give reviewers some advice about the document's status or sensitivity. This tip from author Ted Padova demonstrates how to add stamps with the Stamp Tool along with related comments.