Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2010-4091
Vulnerability from cvelistv5
Published
2010-11-07 21:00
Modified
2024-08-07 03:34
Severity ?
EPSS score ?
Summary
The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.763Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42095",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42095"
},
{
"name": "69005",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/69005"
},
{
"name": "ADV-2011-0191",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"name": "43025",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43025"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html"
},
{
"name": "ADV-2010-3111",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3111"
},
{
"name": "ADV-2010-2890",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2890"
},
{
"name": "GLSA-201101-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"name": "44638",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44638"
},
{
"name": "RHSA-2010:0934",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
},
{
"name": "20101103 [0dayz] Acrobat Reader Memory Corruption Remote Arbitrary Code Execution",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html"
},
{
"name": "ADV-2011-0337",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"name": "1025033",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025033"
},
{
"name": "42401",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42401"
},
{
"name": "1024684",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024684"
},
{
"name": "oval:org.mitre.oval:def:12527",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12527"
},
{
"name": "15419",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/15419"
},
{
"name": "adobe-reader-pdf-file-ce(62996)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62996"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"name": "SUSE-SA:2010:058",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "42095",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42095"
},
{
"name": "69005",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/69005"
},
{
"name": "ADV-2011-0191",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"name": "43025",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43025"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html"
},
{
"name": "ADV-2010-3111",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3111"
},
{
"name": "ADV-2010-2890",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2890"
},
{
"name": "GLSA-201101-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"name": "44638",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44638"
},
{
"name": "RHSA-2010:0934",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
},
{
"name": "20101103 [0dayz] Acrobat Reader Memory Corruption Remote Arbitrary Code Execution",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html"
},
{
"name": "ADV-2011-0337",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"name": "1025033",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025033"
},
{
"name": "42401",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42401"
},
{
"name": "1024684",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024684"
},
{
"name": "oval:org.mitre.oval:def:12527",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12527"
},
{
"name": "15419",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/15419"
},
{
"name": "adobe-reader-pdf-file-ce(62996)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62996"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"name": "SUSE-SA:2010:058",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2010-4091",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42095",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42095"
},
{
"name": "69005",
"refsource": "OSVDB",
"url": "http://osvdb.org/69005"
},
{
"name": "ADV-2011-0191",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"name": "43025",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43025"
},
{
"name": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html",
"refsource": "MISC",
"url": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html"
},
{
"name": "ADV-2010-3111",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3111"
},
{
"name": "ADV-2010-2890",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2890"
},
{
"name": "GLSA-201101-08",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"name": "44638",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44638"
},
{
"name": "RHSA-2010:0934",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
},
{
"name": "20101103 [0dayz] Acrobat Reader Memory Corruption Remote Arbitrary Code Execution",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html"
},
{
"name": "ADV-2011-0337",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"name": "1025033",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025033"
},
{
"name": "42401",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42401"
},
{
"name": "1024684",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024684"
},
{
"name": "oval:org.mitre.oval:def:12527",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12527"
},
{
"name": "15419",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15419"
},
{
"name": "adobe-reader-pdf-file-ce(62996)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62996"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb10-28.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"name": "SUSE-SA:2010:058",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb11-03.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"name": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html",
"refsource": "MISC",
"url": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2010-4091",
"datePublished": "2010-11-07T21:00:00",
"dateReserved": "2010-10-25T00:00:00",
"dateUpdated": "2024-08-07T03:34:37.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2010-4091\",\"sourceIdentifier\":\"psirt@adobe.com\",\"published\":\"2010-11-07T22:00:03.410\",\"lastModified\":\"2024-11-21T01:20:13.397\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.\"},{\"lang\":\"es\",\"value\":\"El plugin EScript.api en Adobe Reader y Acrobat versi\u00f3n 10.x anterior a 10.0.1, versi\u00f3n 9.x anterior a 9.4.1 y versi\u00f3n 8.x anterior a 8.2.6 en Windows y Mac OS X, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (bloqueo de aplicaci\u00f3n) por medio de un documento PDF creado que desencadena una corrupci\u00f3n de memoria, que involucran a la funci\u00f3n printSeps. NOTA: algunos de estos datos se consiguen de la informaci\u00f3n de terceros.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"996EB48E-D2A8-49E4-915A-EBDE26A9FB94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97E20936-EE31-4CEB-A710-3165A28BAD69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BD9952C-A1D0-4DFB-A292-9B86D7EAE5FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5BEA847-A71E-4336-AB67-B3C38847C1C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39F6994B-6969-485B-9286-2592B11A47BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC533775-B52E-43F0-BF19-1473BE36232D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18D1C85E-42CC-46F2-A7B6-DAC3C3995330\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4670451-511E-496C-A78A-887366E1E992\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A2A4F62-7AB5-4134-9A65-4B4E1EA262A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35994F76-CD13-4301-9134-FC0CBEA37D97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FB61191-F955-4DE6-A86B-36E031DE1F99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E32D68D5-6A79-454B-B14F-9BC865413E3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A57581C-A139-41C3-B9DB-0C4CFA7A1BB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"562772F1-1627-438E-A6B8-7D1AA5536086\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27D5AF92-A8E1-41BD-B20A-EB26BB6AD4DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F25C9167-C6D4-4264-9197-50878EDA2D96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD1D7308-09E9-42B2-8836-DC2326C62A9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5C251D2-4C9B-4029-8BED-0FCAED3B8E89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2432AC17-5378-4C61-A775-5172FD44EC03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6BA82F4-470D-4A46-89B2-D2F3C8FA31C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39EDED39-664F-4B68-B422-2CCCA3B83550\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B508C5CE-1386-47B3-B301-B78DBB3A75D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDC2EEB6-D5EC-430F-962A-1279C9970441\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DC590C7-5BDE-4E46-9605-01E95B17F01F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCFE67F4-6907-4967-96A3-1757EADA72BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9731EFE2-A5BE-4389-A92D-DDC573633B6C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FF5999A-9D12-4CDD-8DE9-A89C10B2D574\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CF61F35-5905-4BA9-AD7E-7DB261D2F256\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26AE76F7-D7F6-4AF2-A5C6-708B5642C288\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"749FFB51-65D4-4A4B-95F3-742440276897\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8665E53-EC1E-4B95-9064-2565BC12113E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24218FDA-F9DA-465A-B5D5-76A55C7EE04E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2C5F1C5-85CD-47B9-897F-E51D6902AF72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0E190FF-3EBC-44AB-8072-4D964E843E8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A624D44-C135-4ED3-9BA4-F4F8A044850B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B95C0A99-42E4-40A9-BF61-507E4E4DC052\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B9F55CC-3681-4A67-99D1-3F40447392D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9C0AC89-804B-44A1-929A-118993B6BAA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39B174C3-1BA6-4654-BFA4-CC126454E147\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6ACDAA2B-3977-4590-9F16-5DDB6FF6545B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB7C4E07-0909-4114-BBFB-92626AFC49BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7832B75B-7868-44DE-A9A4-CBD9CC117DB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AA53564-9ACD-4CFB-9AAC-A77440026A57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7EC46E3-77B7-4455-B3E0-A45C6B69B3DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F475858-DCE2-4C93-A51A-04718DF17593\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88687272-4CD0-42A2-B727-C322ABDE3549\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E5C4FA4-3786-47AF-BD7D-8E75927EB3AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B35CC915-EEE3-4E86-9E09-1893C725E07B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76201694-E5C5-4CA3-8919-46937AFDAAE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"397AB988-1C2C-4247-9B34-806094197CB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FA0B8C3-8060-4685-A241-9852BD63B7A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AB9BBDE-634A-47CF-BA49-67382B547900\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F56B1726-4F05-4732-9D8B-077EF593EAEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A258374F-55CB-48D2-9094-CD70E1288F60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B57C5136-7853-478B-A342-6013528B41B4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FF5999A-9D12-4CDD-8DE9-A89C10B2D574\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CF61F35-5905-4BA9-AD7E-7DB261D2F256\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://osvdb.org/69005\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://secunia.com/advisories/42095\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/42401\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/43025\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-201101-08.xml\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb10-28.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb11-03.html\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.exploit-db.com/exploits/15419\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0934.html\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.securityfocus.com/bid/44638\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.securitytracker.com/id?1024684\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.securitytracker.com/id?1025033\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/2890\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/3111\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0191\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0337\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/62996\",\"source\":\"psirt@adobe.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12527\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/69005\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/42095\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/42401\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/43025\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-201101-08.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb10-28.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb11-03.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.exploit-db.com/exploits/15419\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0934.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/44638\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1024684\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1025033\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/2890\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/3111\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0191\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0337\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/62996\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12527\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
RHSA-2010:0934
Vulnerability from csaf_redhat
Published
2010-12-01 21:16
Modified
2024-11-14 11:27
Summary
Red Hat Security Advisory: acroread security update
Notes
Topic
Updated acroread packages that fix two security issues are now available
for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6
Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
[Updated 7th December 2010]
The package list in this erratum has been updated to make the packages
available in the Red Hat Enterprise Linux 4 Extras IA32 channels on the
Red Hat Network.
Details
Adobe Reader allows users to view and print documents in Portable Document
Format (PDF).
This update fixes two vulnerabilities in Adobe Reader. These
vulnerabilities are detailed on the Adobe security page APSB10-28, listed
in the References section. A specially-crafted PDF file could cause Adobe
Reader to crash or, potentially, execute arbitrary code as the user running
Adobe Reader when opened. (CVE-2010-3654, CVE-2010-4091)
All Adobe Reader users should install these updated packages. They contain
Adobe Reader version 9.4.1, which is not vulnerable to these issues. All
running instances of Adobe Reader must be restarted for the update to take
effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated acroread packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6\nSupplementary.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.\n\n[Updated 7th December 2010]\nThe package list in this erratum has been updated to make the packages\navailable in the Red Hat Enterprise Linux 4 Extras IA32 channels on the\nRed Hat Network.",
"title": "Topic"
},
{
"category": "general",
"text": "Adobe Reader allows users to view and print documents in Portable Document\nFormat (PDF).\n\nThis update fixes two vulnerabilities in Adobe Reader. These\nvulnerabilities are detailed on the Adobe security page APSB10-28, listed\nin the References section. A specially-crafted PDF file could cause Adobe\nReader to crash or, potentially, execute arbitrary code as the user running\nAdobe Reader when opened. (CVE-2010-3654, CVE-2010-4091)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 9.4.1, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2010:0934",
"url": "https://access.redhat.com/errata/RHSA-2010:0934"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb10-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"category": "external",
"summary": "647525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=647525"
},
{
"category": "external",
"summary": "651133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=651133"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0934.json"
}
],
"title": "Red Hat Security Advisory: acroread security update",
"tracking": {
"current_release_date": "2024-11-14T11:27:57+00:00",
"generator": {
"date": "2024-11-14T11:27:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHSA-2010:0934",
"initial_release_date": "2010-12-01T21:16:00+00:00",
"revision_history": [
{
"date": "2010-12-01T21:16:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-12-07T08:55:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T11:27:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 4 Extras",
"product": {
"name": "Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "acroread-0:9.4.1-1.el4.i386",
"product": {
"name": "acroread-0:9.4.1-1.el4.i386",
"product_id": "acroread-0:9.4.1-1.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@9.4.1-1.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:9.4.1-1.el4.i386",
"product": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386",
"product_id": "acroread-plugin-0:9.4.1-1.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@9.4.1-1.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-0:9.4.1-1.el5.i386",
"product": {
"name": "acroread-0:9.4.1-1.el5.i386",
"product_id": "acroread-0:9.4.1-1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@9.4.1-1.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:9.4.1-1.el5.i386",
"product": {
"name": "acroread-plugin-0:9.4.1-1.el5.i386",
"product_id": "acroread-plugin-0:9.4.1-1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@9.4.1-1.el5?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "acroread-0:9.4.1-1.el6.i686",
"product": {
"name": "acroread-0:9.4.1-1.el6.i686",
"product_id": "acroread-0:9.4.1-1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@9.4.1-1.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:9.4.1-1.el6.i686",
"product": {
"name": "acroread-plugin-0:9.4.1-1.el6.i686",
"product_id": "acroread-plugin-0:9.4.1-1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@9.4.1-1.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:acroread-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el4.i386 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:acroread-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:acroread-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:acroread-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:acroread-0:9.4.1-1.el5.i386"
},
"product_reference": "acroread-0:9.4.1-1.el5.i386",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el5.i386",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:acroread-0:9.4.1-1.el5.i386"
},
"product_reference": "acroread-0:9.4.1-1.el5.i386",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el5.i386",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary:acroread-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary:acroread-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Workstation-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Workstation-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2010-3654",
"discovery_date": "2010-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "647525"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread/flash-plugin: critical vulnerablility (APSA10-05, APSB10-26)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3654"
},
{
"category": "external",
"summary": "RHBZ#647525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=647525"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3654",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3654"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3654",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3654"
}
],
"release_date": "2010-10-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-12-01T21:16:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0934"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread/flash-plugin: critical vulnerablility (APSA10-05, APSB10-26)"
},
{
"cve": "CVE-2010-4091",
"discovery_date": "2010-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "651133"
}
],
"notes": [
{
"category": "description",
"text": "The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: remote DoS or possible arbitrary code execution via EScript.api plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-4091"
},
{
"category": "external",
"summary": "RHBZ#651133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=651133"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4091"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-4091",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4091"
}
],
"release_date": "2010-11-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-12-01T21:16:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0934"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: remote DoS or possible arbitrary code execution via EScript.api plugin"
}
]
}
rhsa-2010:0934
Vulnerability from csaf_redhat
Published
2010-12-01 21:16
Modified
2024-11-14 11:27
Summary
Red Hat Security Advisory: acroread security update
Notes
Topic
Updated acroread packages that fix two security issues are now available
for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6
Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
[Updated 7th December 2010]
The package list in this erratum has been updated to make the packages
available in the Red Hat Enterprise Linux 4 Extras IA32 channels on the
Red Hat Network.
Details
Adobe Reader allows users to view and print documents in Portable Document
Format (PDF).
This update fixes two vulnerabilities in Adobe Reader. These
vulnerabilities are detailed on the Adobe security page APSB10-28, listed
in the References section. A specially-crafted PDF file could cause Adobe
Reader to crash or, potentially, execute arbitrary code as the user running
Adobe Reader when opened. (CVE-2010-3654, CVE-2010-4091)
All Adobe Reader users should install these updated packages. They contain
Adobe Reader version 9.4.1, which is not vulnerable to these issues. All
running instances of Adobe Reader must be restarted for the update to take
effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated acroread packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6\nSupplementary.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.\n\n[Updated 7th December 2010]\nThe package list in this erratum has been updated to make the packages\navailable in the Red Hat Enterprise Linux 4 Extras IA32 channels on the\nRed Hat Network.",
"title": "Topic"
},
{
"category": "general",
"text": "Adobe Reader allows users to view and print documents in Portable Document\nFormat (PDF).\n\nThis update fixes two vulnerabilities in Adobe Reader. These\nvulnerabilities are detailed on the Adobe security page APSB10-28, listed\nin the References section. A specially-crafted PDF file could cause Adobe\nReader to crash or, potentially, execute arbitrary code as the user running\nAdobe Reader when opened. (CVE-2010-3654, CVE-2010-4091)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 9.4.1, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2010:0934",
"url": "https://access.redhat.com/errata/RHSA-2010:0934"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb10-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"category": "external",
"summary": "647525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=647525"
},
{
"category": "external",
"summary": "651133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=651133"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0934.json"
}
],
"title": "Red Hat Security Advisory: acroread security update",
"tracking": {
"current_release_date": "2024-11-14T11:27:57+00:00",
"generator": {
"date": "2024-11-14T11:27:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHSA-2010:0934",
"initial_release_date": "2010-12-01T21:16:00+00:00",
"revision_history": [
{
"date": "2010-12-01T21:16:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-12-07T08:55:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T11:27:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 4 Extras",
"product": {
"name": "Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "acroread-0:9.4.1-1.el4.i386",
"product": {
"name": "acroread-0:9.4.1-1.el4.i386",
"product_id": "acroread-0:9.4.1-1.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@9.4.1-1.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:9.4.1-1.el4.i386",
"product": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386",
"product_id": "acroread-plugin-0:9.4.1-1.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@9.4.1-1.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-0:9.4.1-1.el5.i386",
"product": {
"name": "acroread-0:9.4.1-1.el5.i386",
"product_id": "acroread-0:9.4.1-1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@9.4.1-1.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:9.4.1-1.el5.i386",
"product": {
"name": "acroread-plugin-0:9.4.1-1.el5.i386",
"product_id": "acroread-plugin-0:9.4.1-1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@9.4.1-1.el5?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "acroread-0:9.4.1-1.el6.i686",
"product": {
"name": "acroread-0:9.4.1-1.el6.i686",
"product_id": "acroread-0:9.4.1-1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@9.4.1-1.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:9.4.1-1.el6.i686",
"product": {
"name": "acroread-plugin-0:9.4.1-1.el6.i686",
"product_id": "acroread-plugin-0:9.4.1-1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@9.4.1-1.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:acroread-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el4.i386 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:acroread-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:acroread-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:acroread-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:acroread-0:9.4.1-1.el5.i386"
},
"product_reference": "acroread-0:9.4.1-1.el5.i386",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el5.i386",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:acroread-0:9.4.1-1.el5.i386"
},
"product_reference": "acroread-0:9.4.1-1.el5.i386",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el5.i386",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary:acroread-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary:acroread-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Workstation-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Workstation-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2010-3654",
"discovery_date": "2010-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "647525"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread/flash-plugin: critical vulnerablility (APSA10-05, APSB10-26)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3654"
},
{
"category": "external",
"summary": "RHBZ#647525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=647525"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3654",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3654"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3654",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3654"
}
],
"release_date": "2010-10-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-12-01T21:16:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0934"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread/flash-plugin: critical vulnerablility (APSA10-05, APSB10-26)"
},
{
"cve": "CVE-2010-4091",
"discovery_date": "2010-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "651133"
}
],
"notes": [
{
"category": "description",
"text": "The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: remote DoS or possible arbitrary code execution via EScript.api plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-4091"
},
{
"category": "external",
"summary": "RHBZ#651133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=651133"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4091"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-4091",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4091"
}
],
"release_date": "2010-11-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-12-01T21:16:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0934"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: remote DoS or possible arbitrary code execution via EScript.api plugin"
}
]
}
rhsa-2010_0934
Vulnerability from csaf_redhat
Published
2010-12-01 21:16
Modified
2024-11-14 11:27
Summary
Red Hat Security Advisory: acroread security update
Notes
Topic
Updated acroread packages that fix two security issues are now available
for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6
Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
[Updated 7th December 2010]
The package list in this erratum has been updated to make the packages
available in the Red Hat Enterprise Linux 4 Extras IA32 channels on the
Red Hat Network.
Details
Adobe Reader allows users to view and print documents in Portable Document
Format (PDF).
This update fixes two vulnerabilities in Adobe Reader. These
vulnerabilities are detailed on the Adobe security page APSB10-28, listed
in the References section. A specially-crafted PDF file could cause Adobe
Reader to crash or, potentially, execute arbitrary code as the user running
Adobe Reader when opened. (CVE-2010-3654, CVE-2010-4091)
All Adobe Reader users should install these updated packages. They contain
Adobe Reader version 9.4.1, which is not vulnerable to these issues. All
running instances of Adobe Reader must be restarted for the update to take
effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated acroread packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6\nSupplementary.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.\n\n[Updated 7th December 2010]\nThe package list in this erratum has been updated to make the packages\navailable in the Red Hat Enterprise Linux 4 Extras IA32 channels on the\nRed Hat Network.",
"title": "Topic"
},
{
"category": "general",
"text": "Adobe Reader allows users to view and print documents in Portable Document\nFormat (PDF).\n\nThis update fixes two vulnerabilities in Adobe Reader. These\nvulnerabilities are detailed on the Adobe security page APSB10-28, listed\nin the References section. A specially-crafted PDF file could cause Adobe\nReader to crash or, potentially, execute arbitrary code as the user running\nAdobe Reader when opened. (CVE-2010-3654, CVE-2010-4091)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 9.4.1, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2010:0934",
"url": "https://access.redhat.com/errata/RHSA-2010:0934"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb10-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"category": "external",
"summary": "647525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=647525"
},
{
"category": "external",
"summary": "651133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=651133"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0934.json"
}
],
"title": "Red Hat Security Advisory: acroread security update",
"tracking": {
"current_release_date": "2024-11-14T11:27:57+00:00",
"generator": {
"date": "2024-11-14T11:27:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHSA-2010:0934",
"initial_release_date": "2010-12-01T21:16:00+00:00",
"revision_history": [
{
"date": "2010-12-01T21:16:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-12-07T08:55:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T11:27:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 4 Extras",
"product": {
"name": "Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "acroread-0:9.4.1-1.el4.i386",
"product": {
"name": "acroread-0:9.4.1-1.el4.i386",
"product_id": "acroread-0:9.4.1-1.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@9.4.1-1.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:9.4.1-1.el4.i386",
"product": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386",
"product_id": "acroread-plugin-0:9.4.1-1.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@9.4.1-1.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-0:9.4.1-1.el5.i386",
"product": {
"name": "acroread-0:9.4.1-1.el5.i386",
"product_id": "acroread-0:9.4.1-1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@9.4.1-1.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:9.4.1-1.el5.i386",
"product": {
"name": "acroread-plugin-0:9.4.1-1.el5.i386",
"product_id": "acroread-plugin-0:9.4.1-1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@9.4.1-1.el5?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "acroread-0:9.4.1-1.el6.i686",
"product": {
"name": "acroread-0:9.4.1-1.el6.i686",
"product_id": "acroread-0:9.4.1-1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@9.4.1-1.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:9.4.1-1.el6.i686",
"product": {
"name": "acroread-plugin-0:9.4.1-1.el6.i686",
"product_id": "acroread-plugin-0:9.4.1-1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@9.4.1-1.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:acroread-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el4.i386 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:acroread-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:acroread-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:acroread-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:acroread-0:9.4.1-1.el5.i386"
},
"product_reference": "acroread-0:9.4.1-1.el5.i386",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el5.i386",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:acroread-0:9.4.1-1.el5.i386"
},
"product_reference": "acroread-0:9.4.1-1.el5.i386",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el5.i386",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary:acroread-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary:acroread-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Workstation-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Workstation-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2010-3654",
"discovery_date": "2010-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "647525"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread/flash-plugin: critical vulnerablility (APSA10-05, APSB10-26)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3654"
},
{
"category": "external",
"summary": "RHBZ#647525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=647525"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3654",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3654"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3654",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3654"
}
],
"release_date": "2010-10-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-12-01T21:16:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0934"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread/flash-plugin: critical vulnerablility (APSA10-05, APSB10-26)"
},
{
"cve": "CVE-2010-4091",
"discovery_date": "2010-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "651133"
}
],
"notes": [
{
"category": "description",
"text": "The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: remote DoS or possible arbitrary code execution via EScript.api plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-4091"
},
{
"category": "external",
"summary": "RHBZ#651133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=651133"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4091"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-4091",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4091"
}
],
"release_date": "2010-11-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-12-01T21:16:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0934"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: remote DoS or possible arbitrary code execution via EScript.api plugin"
}
]
}
fkie_cve-2010-4091
Vulnerability from fkie_nvd
Published
2010-11-07 22:00
Modified
2024-11-21 01:20
Severity ?
Summary
The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "996EB48E-D2A8-49E4-915A-EBDE26A9FB94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "97E20936-EE31-4CEB-A710-3165A28BAD69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5BD9952C-A1D0-4DFB-A292-9B86D7EAE5FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C5BEA847-A71E-4336-AB67-B3C38847C1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39F6994B-6969-485B-9286-2592B11A47BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC533775-B52E-43F0-BF19-1473BE36232D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "18D1C85E-42CC-46F2-A7B6-DAC3C3995330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C4670451-511E-496C-A78A-887366E1E992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1A2A4F62-7AB5-4134-9A65-4B4E1EA262A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "35994F76-CD13-4301-9134-FC0CBEA37D97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0FB61191-F955-4DE6-A86B-36E031DE1F99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E32D68D5-6A79-454B-B14F-9BC865413E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2A57581C-A139-41C3-B9DB-0C4CFA7A1BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "562772F1-1627-438E-A6B8-7D1AA5536086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "27D5AF92-A8E1-41BD-B20A-EB26BB6AD4DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F25C9167-C6D4-4264-9197-50878EDA2D96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1D7308-09E9-42B2-8836-DC2326C62A9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B5C251D2-4C9B-4029-8BED-0FCAED3B8E89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2432AC17-5378-4C61-A775-5172FD44EC03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B6BA82F4-470D-4A46-89B2-D2F3C8FA31C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39EDED39-664F-4B68-B422-2CCCA3B83550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B508C5CE-1386-47B3-B301-B78DBB3A75D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2EEB6-D5EC-430F-962A-1279C9970441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8DC590C7-5BDE-4E46-9605-01E95B17F01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DCFE67F4-6907-4967-96A3-1757EADA72BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9731EFE2-A5BE-4389-A92D-DDC573633B6C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "26AE76F7-D7F6-4AF2-A5C6-708B5642C288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "749FFB51-65D4-4A4B-95F3-742440276897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8665E53-EC1E-4B95-9064-2565BC12113E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24218FDA-F9DA-465A-B5D5-76A55C7EE04E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E2C5F1C5-85CD-47B9-897F-E51D6902AF72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E190FF-3EBC-44AB-8072-4D964E843E8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6A624D44-C135-4ED3-9BA4-F4F8A044850B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B95C0A99-42E4-40A9-BF61-507E4E4DC052",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9F55CC-3681-4A67-99D1-3F40447392D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C0AC89-804B-44A1-929A-118993B6BAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39B174C3-1BA6-4654-BFA4-CC126454E147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACDAA2B-3977-4590-9F16-5DDB6FF6545B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BB7C4E07-0909-4114-BBFB-92626AFC49BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7832B75B-7868-44DE-A9A4-CBD9CC117DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5AA53564-9ACD-4CFB-9AAC-A77440026A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7EC46E3-77B7-4455-B3E0-A45C6B69B3DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F475858-DCE2-4C93-A51A-04718DF17593",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "88687272-4CD0-42A2-B727-C322ABDE3549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1E5C4FA4-3786-47AF-BD7D-8E75927EB3AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B35CC915-EEE3-4E86-9E09-1893C725E07B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "76201694-E5C5-4CA3-8919-46937AFDAAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "397AB988-1C2C-4247-9B34-806094197CB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8FA0B8C3-8060-4685-A241-9852BD63B7A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB9BBDE-634A-47CF-BA49-67382B547900",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F56B1726-4F05-4732-9D8B-077EF593EAEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A258374F-55CB-48D2-9094-CD70E1288F60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B57C5136-7853-478B-A342-6013528B41B4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "El plugin EScript.api en Adobe Reader y Acrobat versi\u00f3n 10.x anterior a 10.0.1, versi\u00f3n 9.x anterior a 9.4.1 y versi\u00f3n 8.x anterior a 8.2.6 en Windows y Mac OS X, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (bloqueo de aplicaci\u00f3n) por medio de un documento PDF creado que desencadena una corrupci\u00f3n de memoria, que involucran a la funci\u00f3n printSeps. NOTA: algunos de estos datos se consiguen de la informaci\u00f3n de terceros."
}
],
"id": "CVE-2010-4091",
"lastModified": "2024-11-21T01:20:13.397",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-11-07T22:00:03.410",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html"
},
{
"source": "psirt@adobe.com",
"url": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html"
},
{
"source": "psirt@adobe.com",
"url": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html"
},
{
"source": "psirt@adobe.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
},
{
"source": "psirt@adobe.com",
"url": "http://osvdb.org/69005"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42095"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42401"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43025"
},
{
"source": "psirt@adobe.com",
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"source": "psirt@adobe.com",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/15419"
},
{
"source": "psirt@adobe.com",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/44638"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id?1024684"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id?1025033"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2890"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3111"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"source": "psirt@adobe.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62996"
},
{
"source": "psirt@adobe.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12527"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/69005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42401"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/15419"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/44638"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1024684"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2890"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62996"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12527"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
gsd-2010-4091
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2010-4091",
"description": "The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.",
"id": "GSD-2010-4091",
"references": [
"https://www.suse.com/security/cve/CVE-2010-4091.html",
"https://access.redhat.com/errata/RHSA-2010:0934"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2010-4091"
],
"details": "The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.",
"id": "GSD-2010-4091",
"modified": "2023-12-13T01:21:29.653714Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2010-4091",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42095",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42095"
},
{
"name": "69005",
"refsource": "OSVDB",
"url": "http://osvdb.org/69005"
},
{
"name": "ADV-2011-0191",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"name": "43025",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43025"
},
{
"name": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html",
"refsource": "MISC",
"url": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html"
},
{
"name": "ADV-2010-3111",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3111"
},
{
"name": "ADV-2010-2890",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2890"
},
{
"name": "GLSA-201101-08",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"name": "44638",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44638"
},
{
"name": "RHSA-2010:0934",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
},
{
"name": "20101103 [0dayz] Acrobat Reader Memory Corruption Remote Arbitrary Code Execution",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html"
},
{
"name": "ADV-2011-0337",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"name": "1025033",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025033"
},
{
"name": "42401",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42401"
},
{
"name": "1024684",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024684"
},
{
"name": "oval:org.mitre.oval:def:12527",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12527"
},
{
"name": "15419",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15419"
},
{
"name": "adobe-reader-pdf-file-ce(62996)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62996"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb10-28.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"name": "SUSE-SA:2010:058",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb11-03.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"name": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html",
"refsource": "MISC",
"url": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2010-4091"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42095",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42095"
},
{
"name": "15419",
"refsource": "EXPLOIT-DB",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/15419"
},
{
"name": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html",
"refsource": "MISC",
"tags": [],
"url": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html"
},
{
"name": "ADV-2010-2890",
"refsource": "VUPEN",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2890"
},
{
"name": "44638",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/44638"
},
{
"name": "20101103 [0dayz] Acrobat Reader Memory Corruption Remote Arbitrary Code Execution",
"refsource": "FULLDISC",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html"
},
{
"name": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html",
"refsource": "MISC",
"tags": [],
"url": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html"
},
{
"name": "69005",
"refsource": "OSVDB",
"tags": [],
"url": "http://osvdb.org/69005"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb10-28.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"name": "RHSA-2010:0934",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
},
{
"name": "1024684",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id?1024684"
},
{
"name": "42401",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42401"
},
{
"name": "ADV-2010-3111",
"refsource": "VUPEN",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3111"
},
{
"name": "SUSE-SA:2010:058",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
},
{
"name": "GLSA-201101-08",
"refsource": "GENTOO",
"tags": [],
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"name": "43025",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43025"
},
{
"name": "ADV-2011-0191",
"refsource": "VUPEN",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb11-03.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"name": "ADV-2011-0337",
"refsource": "VUPEN",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"name": "1025033",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id?1025033"
},
{
"name": "adobe-reader-pdf-file-ce(62996)",
"refsource": "XF",
"tags": [],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62996"
},
{
"name": "oval:org.mitre.oval:def:12527",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12527"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": true
}
},
"lastModifiedDate": "2018-10-30T16:25Z",
"publishedDate": "2010-11-07T22:00Z"
}
}
}
ghsa-g5vr-3wpw-49ph
Vulnerability from github
Published
2022-05-14 02:18
Modified
2022-05-14 02:18
Details
The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.
{
"affected": [],
"aliases": [
"CVE-2010-4091"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2010-11-07T22:00:00Z",
"severity": "HIGH"
},
"details": "The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.",
"id": "GHSA-g5vr-3wpw-49ph",
"modified": "2022-05-14T02:18:03Z",
"published": "2022-05-14T02:18:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4091"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62996"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12527"
},
{
"type": "WEB",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html"
},
{
"type": "WEB",
"url": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html"
},
{
"type": "WEB",
"url": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
},
{
"type": "WEB",
"url": "http://osvdb.org/69005"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/42095"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/42401"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/43025"
},
{
"type": "WEB",
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"type": "WEB",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"type": "WEB",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"type": "WEB",
"url": "http://www.exploit-db.com/exploits/15419"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/44638"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id?1024684"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id?1025033"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2010/2890"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2010/3111"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2011/0337"
}
],
"schema_version": "1.4.0",
"severity": []
}
var-201011-0203
Vulnerability from variot
The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information. Adobe Acrobat and Reader are prone to multiple security vulnerabilities. Adobe released an advance advisory regarding multiple security vulnerabilities in Reader and Acrobat. The vendor indicates that these issues will be addressed in updates for Microsoft Windows and Mac platforms on Tuesday, November 16, 2010, and for UNIX platforms on Monday, November 30, 2010. This BID will be updated when the advisory is released. Adobe Reader and Acrobat 9.4 and earlier are vulnerable. Successful exploits may allow attackers to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition.
For more information: SA41340 SA41435 SA42030 SA42095
SOLUTION: Update to version "app-text/acroread-9.4.1" or later. ----------------------------------------------------------------------
Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM) Beta.
Join the beta: http://secunia.com/products/corporate/vim/
TITLE: Adobe Reader Unspecified Memory Corruption Vulnerability
SECUNIA ADVISORY ID: SA42095
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42095/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42095
RELEASE DATE: 2010-11-05
DISCUSS ADVISORY: http://secunia.com/advisories/42095/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/42095/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=42095
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Adobe Reader, which can be exploited by malicious people to potentially compromise a user's system.
The vulnerability is caused due to an unspecified error when parsing PDF files and can be exploited to corrupt memory.
The vulnerability is confirmed in version 9.4.0.
SOLUTION: Do not open untrusted PDF files.
PROVIDED AND/OR DISCOVERED BY: scup
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.
For more information: SA42030 SA42095
SOLUTION: Updated packages are available via Red Hat Network. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201011-0203",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh unix"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4 and earlier for windows macintosh"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1 and earlier for windows"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4 and earlier for windows"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0) for windows macintosh"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0) and earlier for windows macintosh"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "44838"
},
{
"db": "BID",
"id": "44638"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"db": "CNNVD",
"id": "CNNVD-201011-073"
},
{
"db": "NVD",
"id": "CVE-2010-4091"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe",
"sources": [
{
"db": "BID",
"id": "44838"
}
],
"trust": 0.3
},
"cve": "CVE-2010-4091",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2010-4091",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-46696",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-4091",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-4091",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201011-073",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-46696",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-4091",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-46696"
},
{
"db": "VULMON",
"id": "CVE-2010-4091"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"db": "CNNVD",
"id": "CNNVD-201011-073"
},
{
"db": "NVD",
"id": "CVE-2010-4091"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information. Adobe Acrobat and Reader are prone to multiple security vulnerabilities. \nAdobe released an advance advisory regarding multiple security vulnerabilities in Reader and Acrobat. The vendor indicates that these issues will be addressed in updates for Microsoft Windows and Mac platforms on Tuesday, November 16, 2010, and for UNIX platforms on Monday, November 30, 2010. \nThis BID will be updated when the advisory is released. \nAdobe Reader and Acrobat 9.4 and earlier are vulnerable. \nSuccessful exploits may allow attackers to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. \n\nFor more information:\nSA41340\nSA41435\nSA42030\nSA42095\n\nSOLUTION:\nUpdate to version \"app-text/acroread-9.4.1\" or later. ----------------------------------------------------------------------\n\n\nSecure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM) Beta. \n\nJoin the beta: \nhttp://secunia.com/products/corporate/vim/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader Unspecified Memory Corruption Vulnerability\n\nSECUNIA ADVISORY ID:\nSA42095\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/42095/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42095\n\nRELEASE DATE:\n2010-11-05\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/42095/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/42095/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42095\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Reader, which can be\nexploited by malicious people to potentially compromise a user\u0027s\nsystem. \n\nThe vulnerability is caused due to an unspecified error when parsing\nPDF files and can be exploited to corrupt memory. \n\nThe vulnerability is confirmed in version 9.4.0. \n\nSOLUTION:\nDo not open untrusted PDF files. \n\nPROVIDED AND/OR DISCOVERED BY:\nscup\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. This fixes multiple\nvulnerabilities, which can be exploited by malicious people to\ncompromise a user\u0027s system. \n\nFor more information:\nSA42030\nSA42095\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-4091"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"db": "BID",
"id": "44838"
},
{
"db": "BID",
"id": "44638"
},
{
"db": "VULHUB",
"id": "VHN-46696"
},
{
"db": "VULMON",
"id": "CVE-2010-4091"
},
{
"db": "PACKETSTORM",
"id": "97778"
},
{
"db": "PACKETSTORM",
"id": "95541"
},
{
"db": "PACKETSTORM",
"id": "97734"
},
{
"db": "PACKETSTORM",
"id": "96330"
},
{
"db": "PACKETSTORM",
"id": "109194"
}
],
"trust": 2.79
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-46696",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=15419",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-46696"
},
{
"db": "VULMON",
"id": "CVE-2010-4091"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-4091",
"trust": 3.1
},
{
"db": "BID",
"id": "44638",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "42095",
"trust": 2.7
},
{
"db": "VUPEN",
"id": "ADV-2010-2890",
"trust": 2.6
},
{
"db": "OSVDB",
"id": "69005",
"trust": 2.0
},
{
"db": "EXPLOIT-DB",
"id": "15419",
"trust": 1.8
},
{
"db": "XF",
"id": "62996",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "43025",
"trust": 1.3
},
{
"db": "SECUNIA",
"id": "42401",
"trust": 1.3
},
{
"db": "VUPEN",
"id": "ADV-2010-3111",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0191",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1024684",
"trust": 1.2
},
{
"db": "BID",
"id": "44838",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201011-073",
"trust": 0.7
},
{
"db": "FULLDISC",
"id": "20101103 [0DAYZ] ACROBAT READER MEMORY CORRUPTION REMOTE ARBITRARY CODE EXECUTION",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-70134",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-46696",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-4091",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "97778",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "95541",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "97734",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "96330",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-46696"
},
{
"db": "VULMON",
"id": "CVE-2010-4091"
},
{
"db": "BID",
"id": "44838"
},
{
"db": "BID",
"id": "44638"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"db": "PACKETSTORM",
"id": "97778"
},
{
"db": "PACKETSTORM",
"id": "95541"
},
{
"db": "PACKETSTORM",
"id": "97734"
},
{
"db": "PACKETSTORM",
"id": "96330"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201011-073"
},
{
"db": "NVD",
"id": "CVE-2010-4091"
}
]
},
"id": "VAR-201011-0203",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-46696"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:23:38.648000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-28",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"title": "APSB11-03",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "APSB10-28",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-28.html"
},
{
"title": "cpsid_88012",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/880/cpsid_88012.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
},
{
"title": "RHSA-2010:0934",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2010-0934.html"
},
{
"title": "AdbeRdrUpd1001_Tier2",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38291"
},
{
"title": "AcrobatUpd1001",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38218"
},
{
"title": "AcrobatUpd1001_Tier4",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38222"
},
{
"title": "AcroProUpd826_all",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38275"
},
{
"title": "AdbeRdrUpd942_all_ppc",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=38360"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/0xCyberY/CVE-T4PDF "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-4091"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"db": "CNNVD",
"id": "CNNVD-201011-073"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-46696"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"db": "NVD",
"id": "CVE-2010-4091"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://www.securityfocus.com/bid/44638"
},
{
"trust": 2.6,
"url": "http://secunia.com/advisories/42095"
},
{
"trust": 2.6,
"url": "http://www.vupen.com/english/advisories/2010/2890"
},
{
"trust": 2.1,
"url": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html"
},
{
"trust": 2.0,
"url": "http://osvdb.org/69005"
},
{
"trust": 1.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"trust": 1.8,
"url": "http://www.exploit-db.com/exploits/15419"
},
{
"trust": 1.8,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html"
},
{
"trust": 1.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 1.5,
"url": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/62996"
},
{
"trust": 1.3,
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12527"
},
{
"trust": 1.2,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0934.html"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id?1024684"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/42401"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/43025"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2010/3111"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62996"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4091"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2010/at100031.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-4091"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/44838"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://seclists.org/fulldisclosure/2010/nov/23"
},
{
"trust": 0.3,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html"
},
{
"trust": 0.3,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.3,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.3,
"url": "http://secunia.com/products/corporate/vim/"
},
{
"trust": 0.3,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.3,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.2,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.2,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/15419/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43025/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43025"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43025/#comments"
},
{
"trust": 0.1,
"url": "http://www.gentoo.org/security/en/glsa/glsa-201101-08.xml"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42095"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/42095/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/42095/#comments"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2890"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3656"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3619"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2889"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2883"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2890"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3629"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3629"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3619"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3625"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-21.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3628"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2883"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3625"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3626"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3657"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3654"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3657"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3622"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3658"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2884"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3632"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3654"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3632"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2889"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3622"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3656"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2887"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3621"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3626"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3627"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2884"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3658"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2887"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3630"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3630"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42401"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/42401/"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2010-0934.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/42401/#comments"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-46696"
},
{
"db": "VULMON",
"id": "CVE-2010-4091"
},
{
"db": "BID",
"id": "44838"
},
{
"db": "BID",
"id": "44638"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"db": "PACKETSTORM",
"id": "97778"
},
{
"db": "PACKETSTORM",
"id": "95541"
},
{
"db": "PACKETSTORM",
"id": "97734"
},
{
"db": "PACKETSTORM",
"id": "96330"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201011-073"
},
{
"db": "NVD",
"id": "CVE-2010-4091"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-46696"
},
{
"db": "VULMON",
"id": "CVE-2010-4091"
},
{
"db": "BID",
"id": "44838"
},
{
"db": "BID",
"id": "44638"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"db": "PACKETSTORM",
"id": "97778"
},
{
"db": "PACKETSTORM",
"id": "95541"
},
{
"db": "PACKETSTORM",
"id": "97734"
},
{
"db": "PACKETSTORM",
"id": "96330"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201011-073"
},
{
"db": "NVD",
"id": "CVE-2010-4091"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-46696"
},
{
"date": "2010-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2010-4091"
},
{
"date": "2010-11-12T00:00:00",
"db": "BID",
"id": "44838"
},
{
"date": "2010-11-04T00:00:00",
"db": "BID",
"id": "44638"
},
{
"date": "2010-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"date": "2011-01-24T07:05:02",
"db": "PACKETSTORM",
"id": "97778"
},
{
"date": "2010-11-05T10:53:47",
"db": "PACKETSTORM",
"id": "95541"
},
{
"date": "2011-01-21T21:14:13",
"db": "PACKETSTORM",
"id": "97734"
},
{
"date": "2010-12-03T09:08:04",
"db": "PACKETSTORM",
"id": "96330"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2010-11-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201011-073"
},
{
"date": "2010-11-07T22:00:03.410000",
"db": "NVD",
"id": "CVE-2010-4091"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-46696"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-4091"
},
{
"date": "2013-06-20T09:38:00",
"db": "BID",
"id": "44838"
},
{
"date": "2013-06-20T09:40:00",
"db": "BID",
"id": "44638"
},
{
"date": "2011-02-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"date": "2011-07-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201011-073"
},
{
"date": "2024-11-21T01:20:13.397000",
"db": "NVD",
"id": "CVE-2010-4091"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201011-073"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat of EScript.api Vulnerability to execute arbitrary code in plug-in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201011-073"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.