CVE-2010-1241Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Acrobat Reader

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents5 sources
Severity
9.3CRITICALNVD
EPSS
26.2%
top 3.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Acrobat Reader
Timeline
PublishedApr 5
Latest updateMay 2

Description

Heap-based buffer overflow in the custom heap management system in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, aka FG-VD-10-005.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDadobe/acrobat_reader18 versions+17

🔴Vulnerability Details

2
GHSA
GHSA-fcqq-w27v-8hfw: Heap-based buffer overflow in the custom heap management system in Adobe Reader and Acrobat 92022-05-02
VulnCheck
Adobe Acrobat and Reader Improper Restriction of Operations within the Bounds of a Memory Buffer2010

📋Vendor Advisories

1
Red Hat
Acroread: Heap-based overflow by opening a specially-crafted PDF file (FG-VD-10-005)2010-03-23

💬Community

1
Bugzilla
CVE-2010-1241 Acroread: Heap-based overflow by opening a specially-crafted PDF file (FG-VD-10-005)2010-04-03
CVE-2010-1241 — Adobe Acrobat Reader vulnerability | cvebase