Intrusion Prevention

Adobe.Reader.Embedded.JP2K.JP2C.Box.Missing

Description

This indicates an attack attempt against a code-execution vulnerability in Adobe Reader and Acrobat.
The vulnerability is caused by an error when the vulnerable software handles PDF files with a malformed image stream. It allows a remote attacker to execute arbitrary code via sending a crafted PDF file.

Affected Products

Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Please refer to the following Adobe advisory for the updates or patches:
http://www.adobe.com/support/security/bulletins/apsb10-21.html

CVE References

CVE-2010-3620