CVE-2010-0198: Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Acrobat

Severity: 9.3 CRITICAL (NVD)
OSV 4.0
EPSS: 27.0% (top 3.62%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Apr 14; latest update May 2

Description

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0199, CVE-2010-0202, and CVE-2010-0203.

CVSS vector

AV:N/AC:M/C:C/I:C/A:C
Exploitability: 8.6 | Impact: 10.0

Affected Packages (3 packages)

NVD: adobe/acrobat_reader (17 versions)
NVD: adobe/acrobat (19 versions)
Ubuntu: openssl/openssl < 1.0.1f-1ubuntu2.1

Patches

🔴 Vulnerability Details (5)

GHSA: GHSA-98g7-ggp2-2q96: Buffer overflow in Adobe Reader and Acrobat 9 (2022-05-02)
GHSA: GHSA-jrmq-vqww-4jq8: Buffer overflow in Adobe Reader and Acrobat 9 (2022-05-02)
GHSA: GHSA-3q94-6qx8-j4xw: Buffer overflow in Adobe Reader and Acrobat 9 (2022-05-02)
GHSA: GHSA-4rhv-54g5-f4cm: Buffer overflow in Adobe Reader and Acrobat 9 (2022-05-02)
OSV: openssl vulnerabilities (2014-05-05)

📋 Vendor Advisories (5)

Red Hat: Acroread: Multiple code execution flaws (APSB10-09) (2010-04-13)
Red Hat: Acroread: Multiple code execution flaws (APSB10-09) (2010-04-13)
Red Hat: Acroread: Multiple code execution flaws (APSB10-09) (2010-04-13)
Red Hat: Acroread: Multiple code execution flaws (APSB10-09) (2010-04-13)
Red Hat: OpenLDAP: Doesn't properly handle NULL character in subject Common Name (2009-08-10)

💬 Community (2)

Bugzilla: CVE-2014-0221 CVE-2014-0198 CVE-2014-0224 CVE-2014-0195 CVE-2010-5298 CVE-2014-3470 mingw-openssl: various flaws [epel-7] (2014-08-07)
Bugzilla: Acroread: Multiple code execution flaws (APSB10-09) (2010-04-12)
CVE-2010-0198 — Adobe Acrobat vulnerability | cvebase