Intrusion Prevention

Adobe.Reader.ICC.Parsing.Allocation.Fail.Code.Execution

Description

This indicates an attack attempt against a heap-overflow vulnerability in Adobe products.
The vulnerability is caused by an error when the vulnerable software handles malformed PDF files. A remote attacker may exploit this to execute arbitrary code via a crafted PDF file.

Affected Products

Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX
Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the following Adobe advisory for the updates:
http://www.adobe.com/support/security/bulletins/apsb10-21.html

CVE References

CVE-2010-3622