Intrusion Prevention

Adobe.Reader.Font.Parsing.Infinite.Loop

Description

This indicates an attack attempt against a buffer-overflow vulnerability in Adobe Reader and Acrobat.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted PDF file. It allows a remote attacker to execute arbitrary code.

Affected Products

Adobe Reader version 9.3.4 and prior
Adobe Reader version 8.2.4 and prior
Adobe Acrobat version 9.3.4 and prior
Adobe Acrobat version 8.2.4 and prior

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.
Denial of Service

Recommended Actions

Apply the patch supplied by the vendor:
http://www.adobe.com/support/security/bulletins/apsb10-21.html

CVE References

CVE-2010-3619