⚠ Actively exploited

Added to CISA KEV on 2022-06-08. Federal agencies required to patch by 2022-06-22. Required action: The impacted product is end-of-life and should be disconnected if still in use..

CVE-2010-1297 — Out-of-bounds Write in Adobe Acrobat

CWE-787 — Out-of-bounds Write18 documents10 sources

Severity

7.8HIGHNVD

EPSS

93.0%

top 0.22%

CISA KEV

KEV

Added 2022-06-08

Due 2022-06-22

Exploit

Exploited in wild

Active exploitation observed

Affected products

Adobe Acrobat Adobe AIR Adobe Flash Player +2 more

Timeline

PublishedJun 8

KEV addedJun 8

KEV dueJun 22

CISA Required Action: The impacted product is end-of-life and should be disconnected if still in use.

Description

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript Virtual Machine 2 (AVM2) newfunction instruction, as exploited in the wild in June 2010.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

▶NVDadobe/flash_player10.0 — 10.1.53.64+1

▶NVDadobe/acrobat8.0 — 8.2.3+1

▶NVDadobe/air< 2.0.2.12610

▶NVDopensuse/opensuse11.0 — 11.2

Also affects: Linux Enterprise 10.0, 11.0

🔴Vulnerability Details

GHSA

GHSA-cv7g-qpjc-66p7: Adobe Flash Player before 9↗2022-05-02

▶

CVEList

CVE-2010-1297: Adobe Flash Player before 9↗2010-06-08

▶

VulnCheck

Adobe Flash Player Memory Corruption Vulnerability↗2010

▶

💥Exploits & PoCs

Exploit-DB

Adobe Flash Player - 'newfunction' Invalid Pointer Use (Metasploit) (2)↗2010-09-25

▶

Exploit-DB

Adobe Flash Player - 'newfunction' Invalid Pointer Use (Metasploit) (1)↗2010-09-20

▶

Exploit-DB

Adobe Acrobat Reader and Flash Player - 'newclass' Invalid Pointer↗2010-09-01

▶

Exploit-DB

Adobe Flash / Reader - Live Malware↗2010-06-09

▶

🔍Detection Rules

Suricata

ET WEB_CLIENT Adobe Authplay.dll NewClass Memory Corruption Attempt↗2011-07-15

▶

Suricata

ET WEB_CLIENT Possible Adobe Acrobat Reader Newclass Invalid Pointer Remote Code Execution Attempt↗2010-09-29

▶

Suricata

ET WEB_CLIENT PDF With Embedded Flash Possible Remote Code Execution Attempt↗2010-09-27

▶

Suricata

ET WEB_CLIENT PDF With Embedded Adobe Shockwave Flash Possibly Related to Remote Code Execution Attempt↗2010-09-27

▶

YARA

FlashNewfunction↗

▶

📋Vendor Advisories

CISA

Adobe Flash Player Memory Corruption Vulnerability↗2022-06-08

▶

Red Hat

flash-plugin: Arbitrary code execution by opening a specially-crafted PDF file with malicious SWF content (APSA10-01)↗2010-06-04

▶

💬Community

Bugzilla

acroread: multiple code execution flaws (APSB10-15)↗2010-06-29

▶

Bugzilla

flash-plugin: multiple security flaws (APSB10-14)↗2010-06-10

▶

Bugzilla

CVE-2010-1297 acroread, flash-plugin: Arbitrary code execution by opening a specially-crafted PDF file with malicious SWF content (APSA10-01)↗2010-06-05

▶