Multiple vulnerabilities in Adobe Reader and Acrobat

Published: 2010-10-05 | Updated: 2017-03-24
Severity High
Patch available YES
Number of vulnerabilities 22
CVE ID CVE-2010-3657
CVE-2010-3656
CVE-2010-3658
CVE-2010-3632
CVE-2010-3631
CVE-2010-3630
CVE-2010-3629
CVE-2010-3628
CVE-2010-3627
CVE-2010-3626
CVE-2010-3625
CVE-2010-3624
CVE-2010-3623
CVE-2010-3622
CVE-2010-3621
CVE-2010-3620
CVE-2010-3619
CVE-2010-2890
CVE-2010-2889
CVE-2010-2888
CVE-2010-2887
CVE-2010-2884
CWE ID CWE-20
CWE-119
CWE-129
Exploitation vector Network
Public exploit Public exploit code for vulnerability #5 is available.
Vulnerable software Adobe Reader Subscribe
Adobe Acrobat
Vendor Adobe

Security Advisory

1) Improper input validation

Severity: Low

CVSSv3: 5.7 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2010-3657

CWE-ID: CWE-20 - Improper Input Validation

Description

The vulnerability allows a remote attacker to cause denial of service conditions.

The vulnerability exists due to improper input validation error when processing PDF documents. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and trigger application crash.


Mitigation

Install the latest version from vendor's website. The vulnerability is fixed in Adobe Reader and Acrobat 9.4 and 8.2.5.

Vulnerable software versions

Adobe Reader: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

Adobe Acrobat: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

CPE External links

http://www.adobe.com/support/security/bulletins/apsb10-21.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper input validation

Severity: Low

CVSSv3: 5.7 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2010-3656

CWE-ID: CWE-20 - Improper Input Validation

Description

The vulnerability allows a remote attacker to cause denial of service conditions.

The vulnerability exists due to improper input validation error when processing PDF documents. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and trigger application crash.


Mitigation

Install the latest version from vendor's website. The vulnerability is fixed in Adobe Reader and Acrobat 9.4 and 8.2.5.

Vulnerable software versions

Adobe Reader: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

Adobe Acrobat: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

CPE External links

http://www.adobe.com/support/security/bulletins/apsb10-21.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Memory corruption

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2010-3658

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing PDF documents. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, cause memory corruption and execute arbitrary code on vulnerable system.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install the latest version from vendor's website. The vulnerability is fixed in Adobe Reader and Acrobat 9.4 and 8.2.5.

Vulnerable software versions

Adobe Reader: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

Adobe Acrobat: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

CPE External links

http://www.adobe.com/support/security/bulletins/apsb10-21.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Memory corruption

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2010-3632

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing PDF documents. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, cause memory corruption and execute arbitrary code on vulnerable system.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install the latest version from vendor's website. The vulnerability is fixed in Adobe Reader and Acrobat 9.4 and 8.2.5.

Vulnerable software versions

Adobe Reader: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

Adobe Acrobat: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

CPE External links

http://www.adobe.com/support/security/bulletins/apsb10-21.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Improper validation of array index

Severity: High

CVSSv3: 8.6 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C] [PCI]

CVE-ID: CVE-2010-3631

CWE-ID: CWE-129 - Improper Validation of Array Index

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper validation of array index when processing images within PDF documents. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, cause memory corruption and execute arbitrary code on vulnerable system.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install the latest version from vendor's website. The vulnerability is fixed in Adobe Reader and Acrobat 9.4 and 8.2.5.

Vulnerable software versions

Adobe Reader: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

Adobe Acrobat: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

CPE External links

http://www.adobe.com/support/security/bulletins/apsb10-21.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

6) Memory corruption

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2010-3630

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing images within PDF documents. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, cause memory corruption and cause denial of service or execute arbitrary code on vulnerable system.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install the latest version from vendor's website. The vulnerability is fixed in Adobe Reader and Acrobat 9.4 and 8.2.5.

Vulnerable software versions

Adobe Reader: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

Adobe Acrobat: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

CPE External links

http://www.adobe.com/support/security/bulletins/apsb10-21.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Memory corruption

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2010-3629

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing images within PDF documents. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, cause memory corruption and execute arbitrary code on vulnerable system.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install the latest version from vendor's website. The vulnerability is fixed in Adobe Reader and Acrobat 9.4 and 8.2.5.

Vulnerable software versions

Adobe Reader: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

Adobe Acrobat: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

CPE External links

http://www.adobe.com/support/security/bulletins/apsb10-21.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Memory corruption

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2010-3628

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing PDF documents. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, cause memory corruption and execute arbitrary code on vulnerable system.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install the latest version from vendor's website. The vulnerability is fixed in Adobe Reader and Acrobat 9.4 and 8.2.5.

Vulnerable software versions

Adobe Reader: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

Adobe Acrobat: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

CPE External links

http://www.adobe.com/support/security/bulletins/apsb10-21.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Memory corruption

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2010-3627

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing PDF documents. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, cause memory corruption and execute arbitrary code on vulnerable system.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install the latest version from vendor's website. The vulnerability is fixed in Adobe Reader and Acrobat 9.4 and 8.2.5.

Vulnerable software versions

Adobe Reader: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

Adobe Acrobat: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

CPE External links

http://www.adobe.com/support/security/bulletins/apsb10-21.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Memory corruption

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2010-3626

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when parsing fonts within PDF document. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, cause memory corruption and execute arbitrary code on vulnerable system.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install the latest version from vendor's website. The vulnerability is fixed in Adobe Reader and Acrobat 9.4 and 8.2.5.

Vulnerable software versions

Adobe Reader: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

Adobe Acrobat: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

CPE External links

http://www.adobe.com/support/security/bulletins/apsb10-21.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Improper input validation

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2010-3625

CWE-ID: CWE-20 - Improper Input Validation

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing PDF protocol handlers. A remote attacker can create a specially crafted URI, trick the victim into clicking on it and execute arbitrary commands on vulnerable system.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install the latest version from vendor's website. The vulnerability is fixed in Adobe Reader and Acrobat 9.4 and 8.2.5.

Vulnerable software versions

Adobe Reader: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

Adobe Acrobat: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

CPE External links

http://www.adobe.com/support/security/bulletins/apsb10-21.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Memory corruption

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2010-3624

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing images within PDF files on Macintosh platforms. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, cause memory corruption and execute arbitrary code on vulnerable system.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install the latest version from vendor's website. The vulnerability is fixed in Adobe Reader and Acrobat 9.4 and 8.2.5.

Vulnerable software versions

Adobe Reader: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

Adobe Acrobat: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

CPE External links

http://www.adobe.com/support/security/bulletins/apsb10-21.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Memory corruption

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2010-3623

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing PDF files on Macintosh platforms. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, cause memory corruption and execute arbitrary code on vulnerable system.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install the latest version from vendor's website. The vulnerability is fixed in Adobe Reader and Acrobat 9.4 and 8.2.5.

Vulnerable software versions

Adobe Reader: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

Adobe Acrobat: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

CPE External links

http://www.adobe.com/support/security/bulletins/apsb10-21.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Memory corruption

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2010-3622

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, cause memory corruption and execute arbitrary code on vulnerable system.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install the latest version from vendor's website. The vulnerability is fixed in Adobe Reader and Acrobat 9.4 and 8.2.5.

Vulnerable software versions

Adobe Reader: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

Adobe Acrobat: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

CPE External links

http://www.adobe.com/support/security/bulletins/apsb10-21.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Memory corruption

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2010-3621

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, cause memory corruption and execute arbitrary code on vulnerable system.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install the latest version from vendor's website. The vulnerability is fixed in Adobe Reader and Acrobat 9.4 and 8.2.5.

Vulnerable software versions

Adobe Reader: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

Adobe Acrobat: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

CPE External links

http://www.adobe.com/support/security/bulletins/apsb10-21.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Memory corruption

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2010-3620

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing images within PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, cause memory corruption and execute arbitrary code on vulnerable system.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install the latest version from vendor's website. The vulnerability is fixed in Adobe Reader and Acrobat 9.4 and 8.2.5.

Vulnerable software versions

Adobe Reader: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

Adobe Acrobat: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

CPE External links

http://www.adobe.com/support/security/bulletins/apsb10-21.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Memory corruption

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2010-3619

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, cause memory corruption and execute arbitrary code on vulnerable system.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install the latest version from vendor's website. The vulnerability is fixed in Adobe Reader and Acrobat 9.4 and 8.2.5.

Vulnerable software versions

Adobe Reader: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

Adobe Acrobat: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

CPE External links

http://www.adobe.com/support/security/bulletins/apsb10-21.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Memory corruption

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2010-2890

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, cause memory corruption and execute arbitrary code on vulnerable system.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install the latest version from vendor's website. The vulnerability is fixed in Adobe Reader and Acrobat 9.4 and 8.2.5.

Vulnerable software versions

Adobe Reader: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

Adobe Acrobat: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

CPE External links

http://www.adobe.com/support/security/bulletins/apsb10-21.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Memory corruption

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2010-2889

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when parsing fonts within PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it in Internet Explorer, cause memory corruption and execute arbitrary code on vulnerable system.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install the latest version from vendor's website. The vulnerability is fixed in Adobe Reader and Acrobat 9.4 and 8.2.5.

Vulnerable software versions

Adobe Reader: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

Adobe Acrobat: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

CPE External links

http://www.adobe.com/support/security/bulletins/apsb10-21.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Improper input validation

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2010-2888

CWE-ID: CWE-20 - Improper Input Validation

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error within ActiveX component when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it in Internet Explorer, cause memory corruption and execute arbitrary code on vulnerable system.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Install the latest version from vendor's website. The vulnerability is fixed in Adobe Reader and Acrobat 9.4 and 8.2.5.

Vulnerable software versions

Adobe Reader: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

Adobe Acrobat: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

CPE External links

http://www.adobe.com/support/security/bulletins/apsb10-21.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Privilege escalation in Linux version

Severity: Low

CVSSv3: 7.5 [CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2010-2887

CWE-ID: CWE-20 - Improper Input Validation

Description

The vulnerability allows a local user to escalate privileges.

The vulnerability exists due unknown error. A local user can escalate privileges on vulnerable Linux system.

Mitigation

Install the latest version from vendor's website. The vulnerability is fixed in Adobe Reader and Acrobat 9.4 and 8.2.5.

Vulnerable software versions

Adobe Reader: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

Adobe Acrobat: 8.1.1, 8.1.2, 8.1.2 Security Update 1 patch, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4

CPE External links

http://www.adobe.com/support/security/bulletins/apsb10-21.html

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Memory corruption

Severity: High

CVSSv3: 8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2010-2884

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing malicious SWF files. A remote attacker can create a specially crafted .swf document, trick the victim into opening it, cause memory corruption and execute arbitrary code on vulnerable system.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Mitigation

Update Adobe Reader and Acrobat 8.x to version 8.2.5. Update Adobe Reader and Acrobat 9.x to version 9.4.

Vulnerable software versions

Adobe Acrobat: 8.0, 8.1, 8.1.1, 8.1.2, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 8.2.5, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4, 9.4

Adobe Reader: 8.0, 8.1, 8.1.1, 8.1.2, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.2, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 8.2.5, 9.0, 9.1, 9.1.1, 9.1.2, 9.1.3, 9.2, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4, 9.4

CPE External links

http://www.adobe.com/support/security/bulletins/apsb10-22.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.