⚠ Exploited in the wild
Exploitation observed in the wild. Not yet on CISA KEV.

CVE-2010-2884Out-of-bounds Write in Adobe Acrobat

6 documents5 sources
Severity
9.3CRITICALNVD
EPSS
39.7%
top 2.68%
CISA KEV
Not in KEV
Exploit
Exploited in wild
Active exploitation observed
Affected products
3
Adobe AcrobatAdobe Acrobat ReaderAdobe Flash Player
Timeline
PublishedSep 15
Latest updateMay 14

Description

Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages3 packages

NVDadobe/acrobat_reader9.3.4+55
NVDadobe/acrobat9.3.4+55
NVDadobe/flash_player10.1.82.76+48

🔴Vulnerability Details

2
GHSA
GHSA-v9gp-hvmh-g79c: Adobe Flash Player 102022-05-14
VulnCheck
Adobe Flash Player Denial of Service2010

📋Vendor Advisories

1
Red Hat
Flash: crash or potential arbitrary code execution (APSB10-22)2010-09-13

💬Community

2
Bugzilla
acroread: multiple code execution flaws (APSB10-21)2010-10-04
Bugzilla
CVE-2010-2884 Adobe Flash: crash or potential arbitrary code execution (APSB10-22)2010-09-14
CVE-2010-2884 — Out-of-bounds Write in Adobe Acrobat | cvebase