For the complete experience, please enable JavaScript in your browser. Thank you!
Release date: September 8, 2010
Last updated: October 5, 2010
Vulnerability identifier: APSA10-02
CVE number: CVE-2010-2883
Platform: All
A critical vulnerability exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2883) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild.
A fix is now available for Adobe Reader 9.3.4 for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 for Windows and Macintosh as of Tuesday, October 5, 2010. Please refer to Security Bulletin APSB10-21.
Adobe categorizes this as a critical issue.
Adobe would like to thank Mila Parkour of http://contagiodump.blogspot.com for working on this issue with Adobe to help protect our customers.
October 5, 2010 - Updated with information on Security Bulletin APSB10-21
September 13, 2010 - Updated information on the release schedule, and that the releases represent the next quarterly security update (originally scheduled for October 12, 2010).
September 10, 2010 - Added the Mitigations section with instructions for a mitigation option for Windows users.
September 8, 2010 - Advisory released.
Americas
Europe, Middle East and Africa
Asia Pacific
Copyright © 2024 Adobe Systems Incorporated. All rights reserved.