CVE-2011-2100 — Adobe Acrobat vulnerability

3 documents3 sources

Severity

6.9MEDIUMNVD

EPSS

0.2%

top 52.19%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Acrobat Adobe Acrobat Reader

Timeline

PublishedJun 16

Latest updateMay 17

Description

Untrusted search path vulnerability in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages2 packages

▶NVDadobe/acrobat_reader35 versions+34

▶NVDadobe/acrobat36 versions+35

Patches

Patch: www.adobe.com ↗Patch: www.adobe.com ↗

🔴Vulnerability Details

GHSA

GHSA-5v76-c58x-48cc: Untrusted search path vulnerability in Adobe Reader and Acrobat 8↗2022-05-17

▶

💬Community

Bugzilla

acroread: multiple code execution flaws (APSB11-16)↗2011-07-12

▶