HTTP: Adobe Acrobat Reader ICC Stream Remote Code Execution (APSB10-21)
This signature detects attempts to exploit a known vulnerability in Adobe Acrobat Reader. A successful attack can lead to a integer overflow and arbitrary remote code execution within the context of the client.
Extended Description
Adobe Acrobat and Reader are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Adobe Reader and Acrobat versions prior to and including 9.3.4 and 8.2.4 are affected.
Affected Products
Red_hat enterprise_linux_as_extras
Short Name
HTTP:STC:ADOBE:READER-ICC-RCE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
(APSB10-21) Acrobat Adobe CVE-2010-3621 CVE-2010-3622 Code Execution ICC Reader Remote Stream bid:43726 bid:43729
Release Date
02/28/2014
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3716
False Positive
Unknown
Vendors
Red_hat
Suse
Adobe
Gentoo
CVSS Score
9.3