CVE-2010-2862

EXPLOITED

Adobe Reader 8.2.3 and 9.3.3 and Acrobat 9.3.3 - Remote Code Execution via TrueType Font maxCompositePoints Overflow

Title source: llm

Exploitation Summary

CVE-2010-2862 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Ramz Afzar.

AI-analyzed exploit summary The provided content is a writeup referencing an Adobe Acrobat Font Parsing vulnerability (CVE-2010-2862), including a link to a detailed analysis paper and a proof-of-concept archive. It does not contain direct exploit code but points to external resources for further study.

Description

Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and Acrobat 9.3.3, allows remote attackers to execute arbitrary code via a TrueType font with a large maxCompositePoints value in a Maximum Profile (maxp) table.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Ramz Afzar · textdoswindows

https://www.exploit-db.com/exploits/14642

View Code ZIP pw:eip

The provided content is a writeup referencing an Adobe Acrobat Font Parsing vulnerability (CVE-2010-2862), including a link to a detailed analysis paper and a proof-of-concept archive. It does not contain direct exploit code but points to external resources for further study.

Classification

Writeup 80%

Attack Type

Other

Complexity

Moderate

Reliability

Theoretical

Target: Adobe Acrobat

No auth needed

Prerequisites: Access to the referenced external resources

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Various Sources x_refsource_misc

http://www.zdnet.co.uk/news/security-threats/2010/08/04/adobe-confirms-pdf-security-hole-in-reader-40089737/

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/40766

US Government Resource third-party-advisory x_refsource_cert

http://www.us-cert.gov/cas/techalerts/TA10-231A.html

Various Sources x_refsource_misc

http://securityevaluators.com/files/papers/CrashAnalysis.pdf

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11693

Scores

EPSS 0.3757

EPSS Percentile 97.3%

Details

VulnCheck KEV 2012-10-18

CWE

CWE-189

Status published

Products (3)

adobe/acrobat 9.3.3

adobe/acrobat_reader 8.2.3

adobe/acrobat_reader 9.3.3

Published Aug 05, 2010

Tracked Since Feb 18, 2026