CVE-2010-0201Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Acrobat

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer17 documents5 sources
Severity
9.3CRITICALNVD
EPSS
9.5%
top 7.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe AcrobatAdobe Acrobat Reader
Timeline
PublishedApr 14
Latest updateMay 2

Description

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0197, and CVE-2010-0204.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDadobe/acrobat_reader17 versions+16
NVDadobe/acrobat19 versions+18

Patches

Patch: www.adobe.comPatch: www.vupen.comPatch: www.adobe.com

🔴Vulnerability Details

4
GHSA
GHSA-w4p3-9jw4-3vwr: Adobe Reader and Acrobat 92022-05-02
GHSA
GHSA-jv8c-ggjv-cc68: Adobe Reader and Acrobat 92022-05-02
GHSA
GHSA-8w8r-x75f-4wvv: Adobe Reader and Acrobat 92022-05-02
GHSA
GHSA-mp5m-jpf6-cg5g: Adobe Reader and Acrobat 92022-05-02

💥Exploits & PoCs

4
Exploit-DB
Samba 2.2.8 (Linux x86) - 'trans2open' Remote Overflow (Metasploit)2010-07-14
Exploit-DB
Samba 2.2.8 (OSX/PPC) - 'trans2open' Remote Overflow (Metasploit)2010-06-21
Exploit-DB
Samba 2.2.8 (Solaris SPARC) - 'trans2open' Remote Overflow (Metasploit)2010-06-21
Exploit-DB
Samba 2.2.8 (BSD x86) - 'trans2open' Remote Overflow (Metasploit)2010-06-17

📋Vendor Advisories

4
Red Hat
Acroread: Multiple code execution flaws (APSB10-09)2010-04-13
Red Hat
Acroread: Multiple code execution flaws (APSB10-09)2010-04-13
Red Hat
Acroread: Multiple code execution flaws (APSB10-09)2010-04-13
Red Hat
Acroread: Multiple code execution flaws (APSB10-09)2010-04-13

💬Community

1
Bugzilla
Acroread: Multiple code execution flaws (APSB10-09)2010-04-12
CVE-2010-0201 — Adobe Acrobat vulnerability | cvebase