Main Vulnerability Database Vulnerabilities #VU6150

#VU6150 Denial of service in Adobe Acrobat and Adobe Reader - CVE-2010-0186

Published: March 22, 2017 / Updated: March 22, 2017

Vulnerability identifier: #VU6150

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2010-0186

CWE-ID: CWE-264

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Adobe Acrobat
Adobe Reader

Software vendor:
Adobe

Description

The vulnerability allows a remote attacker to cause denial of service (DoS) on the target system.

The vulnerability exists due to improper permissions control. A remote attacker can trick the victim into visiting a specially crafted Web site, bypass cross-domain sandbox controls and send unauthorized cross-domain requests to cause the application to crash.

Successful exploitation of this vulnerability may result in denial of service.

Remediation

Update Adobe Reader and Adobe Acrobat 8.x to version 8.2.1.
Update Adobe Reader and Adobe Acrobat 9.x to version 9.3.1.

External links

http://www.adobe.com/support/security/bulletins/apsb10-07.html

#VU6150 Denial of service in Adobe Acrobat and Adobe Reader - CVE-2010-0186

Description

Remediation

External links

Please verify you're human