Intrusion Prevention

Adobe.Acrobat.PrintSeps.Heap.Corruption

Description

This indicates an attack attempt against a heap-corruption vulnerability in Adobe products.
This issue is caused by an error when the vulnerable software handles the "printSeps()" function within a PDF document. It may allow remote attackers to execute arbitrary code by sending a crafted PDF file.

Affected Products

Adobe Reader version 9.4 and prior
Adobe Reader version 8.2.5 and prior
Adobe Acrobat version 9.4 and prior
Adobe Acrobat version 8.2.5 and prior

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the patch supplied by the vendor:
http://www.adobe.com/support/security/bulletins/apsb10-28.html

CVE References

CVE-2010-4091