Juniper Networks

Signature Detail


  • Short Name: HTTP:STC:ADOBE:PDF-LIBTIFF
  • Severity: High
  • Recommended: No
  • Recommended Action: Drop
  • Category: HTTP
  • Keywords: Adobe PDF Import Tiff Buffer Overflow
  • Release Date: 2010/04/15
  • Update Number: 1658
  • Supported Platforms: idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Adobe PDF Import Tiff Buffer Overflow


This signature detects attempts to exploit a known vulnerability in Adobe Acrobat Reader. A successful attack can cause a buffer overflow and lead to arbitrary remote code execution within the context of the user.

Extended Description

Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

The following products are affected:

  • Reader 9.3 for Windows, Macintosh, and UNIX
  • Acrobat 9.3 for Windows and Macintosh
  • Reader 8.2 for Windows and Macintosh
  • Acrobat 8.2 for Windows and Macintosh

NOTE: This BID was originally titled 'Adobe Acrobat and Reader APSB10-07 Unspecified Security Vulnerabilities' but has been updated with the release of the Adobe patches.

NOTE (February 19, 2010): Reports indicate that this issue may be related to the vulnerability discussed in BID 19283 (LibTIFF TiffFetchShortPair Remote Buffer Overflow Vulnerability). We will update this BID as more information emerges.

Affected Products

  • Adobe Acrobat 9.1.1
  • Adobe Acrobat 9.2
  • Adobe Acrobat 9.3
  • Adobe Acrobat Professional 8.0
  • Adobe Acrobat Professional 8.1
  • Adobe Acrobat Professional 8.1.1
  • Adobe Acrobat Professional 8.1.2
  • Adobe Acrobat Professional 8.1.2 Security Update 1
  • Adobe Acrobat Professional 8.1.3
  • Adobe Acrobat Professional 8.1.4
  • Adobe Acrobat Professional 8.1.6
  • Adobe Acrobat Professional 8.1.7
  • Adobe Acrobat Professional 8.2
  • Adobe Acrobat Professional 9
  • Adobe Acrobat Professional 9.1
  • Adobe Acrobat Professional 9.1.2
  • Adobe Acrobat Professional 9.1.3
  • Adobe Acrobat Professional 9.2
  • Adobe Acrobat Professional 9.3
  • Adobe Acrobat Standard 8.0
  • Adobe Acrobat Standard 8.1
  • Adobe Acrobat Standard 8.1.1
  • Adobe Acrobat Standard 8.1.2
  • Adobe Acrobat Standard 8.1.3
  • Adobe Acrobat Standard 8.1.4
  • Adobe Acrobat Standard 8.1.6
  • Adobe Acrobat Standard 8.1.7
  • Adobe Acrobat Standard 8.2
  • Adobe Acrobat Standard 9
  • Adobe Acrobat Standard 9.1
  • Adobe Acrobat Standard 9.1.2
  • Adobe Acrobat Standard 9.1.3
  • Adobe Acrobat Standard 9.2
  • Adobe Acrobat Standard 9.3
  • Adobe Reader 8.0
  • Adobe Reader 8.1
  • Adobe Reader 8.1.1
  • Adobe Reader 8.1.2
  • Adobe Reader 8.1.2 Security Update 1
  • Adobe Reader 8.1.3
  • Adobe Reader 8.1.4
  • Adobe Reader 8.1.5
  • Adobe Reader 8.1.6
  • Adobe Reader 8.1.7
  • Adobe Reader 8.2
  • Adobe Reader 9
  • Adobe Reader 9.1
  • Adobe Reader 9.1.1
  • Adobe Reader 9.1.2
  • Adobe Reader 9.1.3
  • Adobe Reader 9.2
  • Adobe Reader 9.3
  • Gentoo Linux
  • Red Hat Enterprise Linux Desktop 5 Client
  • Red Hat Enterprise Linux Desktop Supplementary 5 Client
  • Red Hat Enterprise Linux ES 4.8.Z
  • Red Hat Enterprise Linux ES Extras 4
  • Red Hat Enterprise Linux EUS 5.4.Z Server
  • SuSE Moblin 2.0
  • SuSE openSUSE 11.0
  • SuSE openSUSE 11.1
  • SuSE openSUSE 11.2
  • SuSE SUSE Linux Enterprise 11
  • SuSE SUSE Linux Enterprise Desktop 10 SP2
  • SuSE SUSE Linux Enterprise Desktop 10 SP3

References

  • BugTraq: 38195
  • CVE: CVE-2010-0188
  • URL: http://www.redhat.com/support/errata/RHSA-2010-0114.html
  • URL: http://www.vupen.com/english/advisories/2010/0399

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.