⚠ Actively exploited in ransomware campaigns

This vulnerability is on the CISA Known Exploited Vulnerabilities list and has been used in known ransomware attacks. CISA required action: Apply updates per vendor instructions.. Due date: 2022-03-24.

CVE-2010-0188 — Code Injection in Adobe Acrobat

CWE-94 — Code Injection22 documents14 sources

Severity

7.8HIGHNVD

EPSS

93.6%

top 0.17%

CISA KEV

KEVRansomware

Added 2022-03-03

Due 2022-03-24

Exploit

Exploited in wild

Active exploitation observed

Affected products

Adobe Acrobat Adobe Acrobat Reader

Timeline

PublishedFeb 22

KEV addedMar 3

KEV dueMar 24

Latest updateMay 2

CISA Required Action: Apply updates per vendor instructions.

Description

Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶NVDadobe/acrobat_reader8.0 — 8.2.1+1

▶NVDadobe/acrobat8.0 — 8.2.1+1

🔴Vulnerability Details

GHSA

GHSA-g5pc-j3x2-5p8p: Unspecified vulnerability in Adobe Reader and Acrobat 8↗2022-05-02

▶

VulnCheck

Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability↗2010

▶

💥Exploits & PoCs

Exploit-DB

Apple iOS Mobile Safari - LibTIFF Buffer Overflow (Metasploit)↗2012-10-09

▶

Exploit-DB

Apple iOS Mobile Mail - LibTIFF Buffer Overflow (Metasploit)↗2012-10-09

▶

Exploit-DB

Adobe Acrobat - Bundled LibTIFF Integer Overflow (Metasploit)↗2010-09-25

▶

Exploit-DB

Adobe Reader PDF - LibTiff Integer Overflow Code Execution↗2010-03-17

▶

Metasploit

Adobe Acrobat Bundled LibTIFF Integer Overflow↗

▶

🔍Detection Rules

Suricata

ET EXPLOIT_KIT Redkit Exploit Kit Three Numerical Character Naming Convention PDF Request↗2013-01-15

▶

📋Vendor Advisories

CISA

Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability↗2022-03-03

▶

Red Hat

acroread: unspecified code execution flaw↗2010-02-16

▶

🕵️Threat Intelligence

Securelist

Investigation Report for the September 2014 Equation malware detection incident in the US↗2017-11-16

▶

Securelist

Investigation Report for the September 2014 Equation malware detection incident in the US↗2017-11-16

▶

Qualys

US-CERT: Top 30 Vulnerabilities | Qualys↗2015-05-01

▶

Qualys

US-CERT: Top 30 Vulnerabilities | Qualys↗2015-05-01

▶

Talos

Evolution of the Nuclear Exploit Kit↗2014-10-09

▶

📄Research Papers

arXiv

To believe or not to believe: Validating explanation fidelity for dynamic malware analysis↗2019-04-30

▶

💬Community

Bugzilla

CVE-2010-0188 acroread: unspecified code execution flaw↗2010-02-17

▶