Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and Acrobat 9.3.3, allows remote malicious users to execute arbitrary code via a TrueType font with a large maxCompositePoints value in a Maximum Profile (maxp) table.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
adobe acrobat reader 8.2.3 |
||
adobe acrobat reader 9.3.3 |
||
adobe acrobat 9.3.3 |
That was fast
Adobe plans to release an emergency update patching a critical vulnerability in its ubiquitous Reader application that was disclosed at last week's Black Hat security conference in Las Vegas. The fix will be made available during the week of August 16 for Windows, Mac OS X, and Unix versions of Adobe Reader 9.3.3, company officials said on Thursday. It will patch a hole that security researcher Charlie Miller disclosed during a talk demonstrating a tool called BitBlaze, which streamlines the ana...