Fortinet's FortiGuard Labs has discovered two memory corruption vulnerabilities in Adobe Reader / Acrobat, which allow a remote attacker to compromise a system through a malicious document.


Remote Code Execution.



Affected Software:

For a list of affected software, please refer to the Adobe Security Bulletin reference below.

Additional Information:

Two memory corruption vulnerabilities were discovered in Adobe Reader / Acrobat, each of which is highlighted below:
  • Memory corruption in "3difr.x3d". The vulnerable X3D component is a plugin used to display 3D material, which when present in a PDF document, can lead to exploitation (CVE-2010-0194).
  • Memory corruption through heap overflow in "CoolType.dll" (CVE-2010-1241).
The vulnerabilities are triggered when opening and rendering a PDF document. A remote attacker could craft a malicious document which exploits either one of these vulnerabilities, allowing them to compromise a system.

FortiGuard Labs released the following signatures to protect against these vulnerabilities
  • "Adobe.Reader.DeviceRGB.Subtype.Stream.Memory.Corruption", previously released as "FG-VD-10-003-Adobe" (CVE-2010-0194).
  • "Adobe.Reader.Acrobat.Pro.CFF.Encodings.Handling.Heap.Overflow", previously released as "FG-VD-10-005-Adobe" (CVE-2010-1241).

  • Bing Liu of Fortinet's FortiGuard Labs (CVE-2010-0194)
  • Haifei Li of Fortinet's FortiGuard Labs (CVE-2010-1241)