CVE-2010-3658Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Acrobat

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer22 documents4 sources
Severity
9.3CRITICALNVD
EPSS
7.5%
top 8.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe AcrobatAdobe Acrobat Reader
Timeline
PublishedOct 6
Latest updateMay 14

Description

Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, and CVE-2010-3632.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDadobe/acrobat_reader24 versions+23
NVDadobe/acrobat25 versions+24

Patches

Patch: www.adobe.comPatch: www.adobe.com

🔴Vulnerability Details

7
GHSA
GHSA-h7xf-9xwx-5jwr: Adobe Reader and Acrobat 92022-05-14
GHSA
GHSA-8mfm-2hq6-fqgv: Adobe Reader and Acrobat 92022-05-14
GHSA
GHSA-f353-7g26-pffr: Adobe Reader and Acrobat 92022-05-14
GHSA
GHSA-jxhj-q7g3-3ppj: Adobe Reader and Acrobat 92022-05-14
GHSA
GHSA-j9cq-7374-2854: Adobe Reader and Acrobat 92022-05-14

📋Vendor Advisories

7
Red Hat
acroread: multiple code execution flaws (APSB10-21)2010-10-05
Red Hat
acroread: multiple code execution flaws (APSB10-21)2010-10-05
Red Hat
acroread: multiple code execution flaws (APSB10-21)2010-10-05
Red Hat
acroread: multiple code execution flaws (APSB10-21)2010-10-05
Red Hat
acroread: multiple code execution flaws (APSB10-21)2010-10-05

💬Community

1
Bugzilla
acroread: multiple code execution flaws (APSB10-21)2010-10-04
CVE-2010-3658 — Adobe Acrobat vulnerability | cvebase