CVE-2010-3620Improper Input Validation in Adobe Acrobat

CWE-20Improper Input Validation7 documents4 sources
Severity
9.3CRITICALNVD
EPSS
3.4%
top 12.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe AcrobatAdobe Acrobat Reader
Timeline
PublishedOct 6
Latest updateMay 14

Description

Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted image, a different vulnerability than CVE-2010-3629.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDadobe/acrobat_reader24 versions+23
NVDadobe/acrobat25 versions+24

🔴Vulnerability Details

2
GHSA
GHSA-hp6r-93x9-m75r: Unspecified vulnerability in Adobe Reader and Acrobat 92022-05-14
GHSA
GHSA-467j-gff8-q9g7: Unspecified vulnerability in Adobe Reader and Acrobat 92022-05-14

📋Vendor Advisories

2
Red Hat
acroread: multiple code execution flaws (APSB10-21)2010-10-05
Red Hat
acroread: multiple code execution flaws (APSB10-21)2010-10-05

💬Community

1
Bugzilla
acroread: multiple code execution flaws (APSB10-21)2010-10-04
CVE-2010-3620 — Improper Input Validation in Adobe | cvebase