Fortinet's FortiGuard Labs has discovered two memory corruption vulnerabilities in Adobe Reader / Acrobat, which allow a remote attacker to compromise a system through a malicious document.
Impact:
Remote Code Execution.
Risk:
High.
Affected Software:
For a list of affected software, please refer to the Adobe Security Bulletin reference below.
Additional Information:
Two memory corruption vulnerabilities were discovered in Adobe Reader / Acrobat, each of which is highlighted below:
Memory corruption in "3difr.x3d". The vulnerable X3D component is a plugin used to display 3D material; when such material is present in a PDF document, it can lead to exploitation (CVE-2010-0194).
Memory corruption through heap overflow in "CoolType.dll" (CVE-2010-1241).
The vulnerabilities are triggered when a PDF document is opened and rendered. A remote attacker could craft a malicious document that exploits either of these vulnerabilities, allowing the attacker to compromise a system.