Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 336508 (CVE-2010-2883)

Summary: <app-text/acroread-9.4.0: Arbitrary Code Execution (APSA 10-02) (CVE-2010-{2862,2883,2884,2887,2888,2889,2890,3619,3620,3621,3622,3623,3624,3625,3626,3627,3628,3629,3630,3631,3632,3656,3657,3658})
Product: Gentoo Security Reporter: Richard <shiningarcanine>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: major CC: scarabeus, underling
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://www.adobe.com/support/security/advisories/apsa10-02.html
Whiteboard: A2 [glsa]
Package list:
Runtime testing required: ---

Description Richard 2010-09-09 02:01:38 UTC
There appears to be yet another zero-day cross platform exploit in adobe reader. Attacks on the vulnerability have been in the wild as early as Tuesday, September 7, 2010 and it could "potentially allow an attacker to take control of the affected system".

Reproducible: Didn't try

Steps to Reproduce:
Comment 1 Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2010-09-09 15:17:44 UTC
*** Bug 336614 has been marked as a duplicate of this bug. ***
Comment 2 Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2010-09-09 15:19:00 UTC
From $URL:
A critical vulnerability exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2883) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild.
Comment 3 Tim Sammut (RETIRED) gentoo-dev 2010-09-14 13:11:49 UTC
*** Bug 337205 has been marked as a duplicate of this bug. ***
Comment 4 Tim Sammut (RETIRED) gentoo-dev 2010-09-14 13:14:38 UTC
Adobe has disclosed another vulnerability in app-text/acroread. This is CVE-2010-2884.

From APSA 10-03, http://www.adobe.com/support/security/advisories/apsa10-03.html:

A critical  vulnerability exists in Adobe Flash Player 10.1.82.76 and earlier
versions for Windows, Macintosh, Linux, Solaris, and Adobe Flash Player
10.1.92.10 for Android. This vulnerability also affects Adobe Reader 9.3.4 for
Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for
Windows and Macintosh. This vulnerability (CVE-2010-2884) could cause a crash
and potentially allow an attacker to take control of the affected system. There
are reports that this vulnerability is being actively exploited in the wild
against Adobe Flash Player on Windows.

I am creating two bugs--one for www-plugins/adobe-flash, and one for
app-text/acroread--so they can be stablized separately since Adobe is planning
to release fixed software at different times.
Comment 5 Tim Sammut (RETIRED) gentoo-dev 2010-10-10 23:34:13 UTC
Adobe has released Reader 9.4:

http://www.adobe.com/support/security/bulletins/apsb10-21.html

This list of fixed CVEs is:

CVE-2010-2883, CVE-2010-2884, CVE-2010-2887, CVE-2010-2888,
CVE-2010-2889, CVE-2010-2890, CVE-2010-3619, CVE-2010-3620, CVE-2010-3621,
CVE-2010-3622, CVE-2010-3623, CVE-2010-3624, CVE-2010-3625, CVE-2010-3626,
CVE-2010-3627, CVE-2010-3628, CVE-2010-3629, CVE-2010-3630, CVE-2010-3631,
CVE-2010-3632, CVE-2010-3656, CVE-2010-3657, CVE-2010-3658

9.4 is in the tree, but not yet stable.
Comment 6 Tim Sammut (RETIRED) gentoo-dev 2010-10-10 23:35:02 UTC
Arches, please test and mark stable:
=app-text/acroread-9.4.0
Target keywords : "amd64 x86"
Comment 7 Markos Chandras (RETIRED) gentoo-dev 2010-10-11 07:23:30 UTC
amd64 done
Comment 8 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2010-10-11 11:25:34 UTC
x86 stable
Comment 9 Tim Sammut (RETIRED) gentoo-dev 2010-10-11 13:08:38 UTC
Thanks, folks. GLSA request filed.
Comment 10 Tim Sammut (RETIRED) gentoo-dev 2011-01-21 17:18:56 UTC
This is GLSA 201101-08; thank you.
Comment 11 GLSAMaker/CVETool Bot gentoo-dev 2011-06-14 16:33:54 UTC
CVE-2010-3658 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3658):
  Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and
  Mac OS X, allow attackers to execute arbitrary code or cause a denial of
  service (memory corruption) via unspecified vectors, a different
  vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621,
  CVE-2010-3622, CVE-2010-3628, and CVE-2010-3632.

CVE-2010-3657 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3657):
  Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and
  8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial
  of service via unknown vectors, a different vulnerability than
  CVE-2010-3656.

CVE-2010-3656 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3656):
  Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and
  8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial
  of service via unknown vectors, a different vulnerability than
  CVE-2010-3657.

CVE-2010-3632 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3632):
  Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and
  Mac OS X, allow attackers to execute arbitrary code or cause a denial of
  service (memory corruption) via unspecified vectors, a different
  vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621,
  CVE-2010-3622, CVE-2010-3628, and CVE-2010-3658.

CVE-2010-3631 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3631):
  Array index error in Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x
  before 9.4 on Mac OS X allows attackers to execute arbitrary code via
  unspecified vectors.

CVE-2010-3630 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3630):
  Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and
  8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial
  of service or possibly execute arbitrary code via unknown vectors.

CVE-2010-3629 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3629):
  Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and
  8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute
  arbitrary code via a crafted image, a different vulnerability than
  CVE-2010-3620.

CVE-2010-3628 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3628):
  Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and
  Mac OS X, allow attackers to execute arbitrary code or cause a denial of
  service (memory corruption) via unspecified vectors, a different
  vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621,
  CVE-2010-3622, CVE-2010-3632, and CVE-2010-3658.

CVE-2010-3627 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3627):
  Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and
  8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute
  arbitrary code via unknown vectors.

CVE-2010-3626 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3626):
  Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and
  8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute
  arbitrary code via a crafted font, a different vulnerability than
  CVE-2010-2889.

CVE-2010-3625 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3625):
  Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and
  Mac OS X, allow attackers to execute arbitrary code via unspecified vectors,
  related to a "prefix protocol handler vulnerability."

CVE-2010-3624 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3624):
  Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.5 and
  9.x before 9.4 on Mac OS X allows attackers to execute arbitrary code via a
  crafted image.

CVE-2010-3623 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3623):
  Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS X
  allow attackers to execute arbitrary code or cause a denial of service
  (memory corruption) via unspecified vectors.

CVE-2010-3622 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3622):
  Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and
  Mac OS X, allow attackers to execute arbitrary code or cause a denial of
  service (memory corruption) via unspecified vectors, a different
  vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621,
  CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658.

CVE-2010-3621 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3621):
  Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and
  Mac OS X, allow attackers to execute arbitrary code or cause a denial of
  service (memory corruption) via unspecified vectors, a different
  vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3622,
  CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658.

CVE-2010-3620 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3620):
  Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and
  8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute
  arbitrary code via a crafted image, a different vulnerability than
  CVE-2010-3629.

CVE-2010-3619 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3619):
  Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and
  Mac OS X, allow attackers to execute arbitrary code or cause a denial of
  service (memory corruption) via unspecified vectors, a different
  vulnerability than CVE-2010-2890, CVE-2010-3621, CVE-2010-3622,
  CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658.
Comment 12 Andreas K. Hüttel archtester gentoo-dev 2011-06-14 17:18:55 UTC
No vulnerable version left in the tree, nothing to do for printing
Comment 13 GLSAMaker/CVETool Bot gentoo-dev 2011-07-10 01:48:26 UTC
CVE-2010-2890 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2890):
  Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and
  Mac OS X, allow attackers to execute arbitrary code or cause a denial of
  service (memory corruption) via unspecified vectors, a different
  vulnerability than CVE-2010-3619, CVE-2010-3621, CVE-2010-3622,
  CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658.

CVE-2010-2889 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2889):
  Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and
  8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute
  arbitrary code via a crafted font, a different vulnerability than
  CVE-2010-3626.

CVE-2010-2887 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2887):
  Multiple unspecified vulnerabilities in Adobe Reader and Acrobat 9.x before
  9.4 on Linux allow attackers to gain privileges via unknown vectors.

CVE-2010-2883 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2883):
  Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x
  before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote
  attackers to execute arbitrary code or cause a denial of service
  (application crash) via a PDF document with a long field in a Smart
  INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild
  in September 2010. NOTE: some of these details are obtained from third party
  information.
Comment 14 GLSAMaker/CVETool Bot gentoo-dev 2011-07-10 01:49:29 UTC
CVE-2010-2862 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2862):
  Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and
  Acrobat 9.3.3, allows remote attackers to execute arbitrary code via a
  TrueType font with a large maxCompositePoints value in a Maximum Profile
  (maxp) table.