CVE-2010-1278Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Acrobat

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
9.3CRITICALNVD
EPSS
13.9%
top 5.66%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe AcrobatAdobe Reader
Timeline
PublishedApr 22
Latest updateMay 2

Description

Buffer overflow in the Atlcom.get_atlcom ActiveX control in gp.ocx in Adobe Download Manager, as used in Adobe Reader and Acrobat 8.x before 8.2 and 9.x before 9.3, allows remote attackers to execute arbitrary code via unspecified parameters.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDadobe/reader13 versions+12
NVDadobe/acrobat15 versions+14

Patches

Patch: www.adobe.comPatch: www.adobe.com

🔴Vulnerability Details

2
GHSA
GHSA-rgwc-gg84-29x5: Buffer overflow in the Atlcom2022-05-02
CVEList
CVE-2010-1278: Buffer overflow in the Atlcom2010-04-22
CVE-2010-1278 — Adobe Acrobat vulnerability | cvebase