CVE-2010-2209Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Acrobat

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer23 documents4 sources
Severity
9.3CRITICALNVD
EPSS
9.6%
top 7.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe AcrobatAdobe Acrobat Reader
Timeline
PublishedJun 30
Latest updateMay 14

Description

Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDadobe/acrobat_reader19 versions+18
NVDadobe/acrobat21 versions+20

Patches

Patch: www.adobe.comPatch: www.adobe.com

🔴Vulnerability Details

7
GHSA
GHSA-qwcx-g9pf-v9j5: Adobe Reader and Acrobat 92022-05-14
GHSA
GHSA-fv9q-w2fc-m6jg: Buffer overflow in Adobe Reader and Acrobat 92022-05-14
GHSA
GHSA-w5cf-825f-4cf6: Adobe Reader and Acrobat 92022-05-14
GHSA
GHSA-2gfx-wjv6-pqp4: Adobe Reader and Acrobat 92022-05-14
GHSA
GHSA-jgwh-gf9q-8hjj: Adobe Reader and Acrobat 92022-05-14

📋Vendor Advisories

7
Red Hat
acroread: multiple code execution flaws (APSB10-15)2010-06-29
Red Hat
acroread: multiple code execution flaws (APSB10-15)2010-06-29
Red Hat
acroread: multiple code execution flaws (APSB10-15)2010-06-29
Red Hat
acroread: multiple code execution flaws (APSB10-15)2010-06-29
Red Hat
acroread: multiple code execution flaws (APSB10-15)2010-06-29

💬Community

2
Bugzilla
CVE-2010-2596 libtiff: assertion failure on downsampled OJPEG file2010-07-02
Bugzilla
acroread: multiple code execution flaws (APSB10-15)2010-06-29
CVE-2010-2209 — Adobe Acrobat vulnerability | cvebase