Main Vulnerability Database Vulnerabilities #VU6151

Arbitrary code execution in Adobe Acrobat and Adobe Reader - CVE-2010-0188

Published: March 22, 2017 / Updated: November 20, 2020

Vulnerability identifier: #VU6151

CSH Severity: High

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber

CVE-ID: CVE-2010-0188

CWE-ID: CWE-264

Exploitation vector: Remote access

Exploit availability: The vulnerability is being exploited in the wild

Vendor: Adobe

Affected software:
Adobe Acrobat
Adobe Reader

Detailed vulnerability description

The vulnerability allows a remote attacker to gain elevated privileges on the target system.

The vulnerability exists due to improper permissions control. A remote attacker can gain elevated privileges, cause the target application to crash or even execute arbitrary code.

Successful exploitation of this vulnerability may result in arbitrary code execution.

How to mitigate CVE-2010-0188

Update Adobe Reader and Adobe Acrobat 8.x to version 8.2.1.
Update Adobe Reader and Adobe Acrobat 9.x to version 9.3.1.

Sources

http://www.adobe.com/support/security/bulletins/apsb10-07.html

Arbitrary code execution in Adobe Acrobat and Adobe Reader - CVE-2010-0188

Detailed vulnerability description

How to mitigate CVE-2010-0188

Sources

Please verify you're human