fkie_nvd - fkie_cve-2010-2201

fkie_cve-2010-2201

Vulnerability from fkie_nvd

Published

2010-06-30 18:30

Modified

2024-11-21 01:16

Severity ?

Summary

Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via a PDF file with crafted Flash content involving the (1) pushstring (0x2C) operator, (2) debugfile (0xF1) operator, and an "invalid pointer vulnerability" that triggers memory corruption, a different vulnerability than CVE-2010-1285 and CVE-2010-2168.

References

URL	Tags
psirt@adobe.com	http://www.adobe.com/support/security/bulletins/apsb10-15.html	Patch, Vendor Advisory
psirt@adobe.com	http://www.securityfocus.com/archive/1/512098
psirt@adobe.com	http://www.securityfocus.com/bid/41237
psirt@adobe.com	http://www.securitytracker.com/id?1024159
psirt@adobe.com	http://www.vupen.com/english/advisories/2010/1636
psirt@adobe.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6854
af854a3a-2127-422b-91ae-364da2661108	http://www.adobe.com/support/security/bulletins/apsb10-15.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/512098
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/41237
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1024159
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/1636
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6854

Impacted products

Vendor	Product	Version
adobe	acrobat	9.0
adobe	acrobat	9.1
adobe	acrobat	9.1.1
adobe	acrobat	9.1.2
adobe	acrobat	9.1.3
adobe	acrobat	9.2
adobe	acrobat	9.3
adobe	acrobat	9.3.1
adobe	acrobat	9.3.2
apple	mac_os_x	*
microsoft	windows	*
adobe	acrobat_reader	9.0
adobe	acrobat_reader	9.1
adobe	acrobat_reader	9.1.1
adobe	acrobat_reader	9.1.2
adobe	acrobat_reader	9.1.3
adobe	acrobat_reader	9.2
adobe	acrobat_reader	9.3
adobe	acrobat_reader	9.3.1
adobe	acrobat_reader	9.3.2
apple	mac_os_x	*
microsoft	windows	*
adobe	acrobat	8.0
adobe	acrobat	8.1
adobe	acrobat	8.1.1
adobe	acrobat	8.1.2
adobe	acrobat	8.1.3
adobe	acrobat	8.1.4
adobe	acrobat	8.1.5
adobe	acrobat	8.1.6
adobe	acrobat	8.1.7
adobe	acrobat	8.2
adobe	acrobat	8.2.1
adobe	acrobat	8.2.2
apple	mac_os_x	*
microsoft	windows	*
adobe	acrobat_reader	8.0
adobe	acrobat_reader	8.1
adobe	acrobat_reader	8.1.1
adobe	acrobat_reader	8.1.2
adobe	acrobat_reader	8.1.4
adobe	acrobat_reader	8.1.5
adobe	acrobat_reader	8.1.6
adobe	acrobat_reader	8.1.7
adobe	acrobat_reader	8.2.1
adobe	acrobat_reader	8.2.2
apple	mac_os_x	*
microsoft	windows	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AA53564-9ACD-4CFB-9AAC-A77440026A57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7EC46E3-77B7-4455-B3E0-A45C6B69B3DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F475858-DCE2-4C93-A51A-04718DF17593",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "88687272-4CD0-42A2-B727-C322ABDE3549",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E5C4FA4-3786-47AF-BD7D-8E75927EB3AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B35CC915-EEE3-4E86-9E09-1893C725E07B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "76201694-E5C5-4CA3-8919-46937AFDAAE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "397AB988-1C2C-4247-9B34-806094197CB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA0B8C3-8060-4685-A241-9852BD63B7A0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "562772F1-1627-438E-A6B8-7D1AA5536086",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27D5AF92-A8E1-41BD-B20A-EB26BB6AD4DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F25C9167-C6D4-4264-9197-50878EDA2D96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD1D7308-09E9-42B2-8836-DC2326C62A9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5C251D2-4C9B-4029-8BED-0FCAED3B8E89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2432AC17-5378-4C61-A775-5172FD44EC03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6BA82F4-470D-4A46-89B2-D2F3C8FA31C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "39EDED39-664F-4B68-B422-2CCCA3B83550",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B508C5CE-1386-47B3-B301-B78DBB3A75D9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "26AE76F7-D7F6-4AF2-A5C6-708B5642C288",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "749FFB51-65D4-4A4B-95F3-742440276897",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8665E53-EC1E-4B95-9064-2565BC12113E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "24218FDA-F9DA-465A-B5D5-76A55C7EE04E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2C5F1C5-85CD-47B9-897F-E51D6902AF72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0E190FF-3EBC-44AB-8072-4D964E843E8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A624D44-C135-4ED3-9BA4-F4F8A044850B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B95C0A99-42E4-40A9-BF61-507E4E4DC052",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B9F55CC-3681-4A67-99D1-3F40447392D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9C0AC89-804B-44A1-929A-118993B6BAA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "39B174C3-1BA6-4654-BFA4-CC126454E147",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6ACDAA2B-3977-4590-9F16-5DDB6FF6545B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "996EB48E-D2A8-49E4-915A-EBDE26A9FB94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "97E20936-EE31-4CEB-A710-3165A28BAD69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BD9952C-A1D0-4DFB-A292-9B86D7EAE5FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5BEA847-A71E-4336-AB67-B3C38847C1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "39F6994B-6969-485B-9286-2592B11A47BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC533775-B52E-43F0-BF19-1473BE36232D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "18D1C85E-42CC-46F2-A7B6-DAC3C3995330",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4670451-511E-496C-A78A-887366E1E992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "35994F76-CD13-4301-9134-FC0CBEA37D97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FB61191-F955-4DE6-A86B-36E031DE1F99",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via a PDF file with crafted Flash content involving the (1) pushstring (0x2C) operator, (2) debugfile (0xF1) operator, and an \"invalid pointer vulnerability\" that triggers memory corruption, a different vulnerability than CVE-2010-1285 and CVE-2010-2168."
    },
    {
      "lang": "es",
      "value": "Adobe Reader y Acrobat versi\u00f3n 9.x anterior a 9.3.3 y versi\u00f3n 8.x anterior a 8.2.3 en Windows y Mac OS X, permiten a los atacantes ejecutar c\u00f3digo arbitrario por medio de un archivo PDF con contenido Flash creado que involucra (1) el operador pushstring (0x2C), (2) el operador debugfile (0xF1) y un \"invalid pointer vulnerability\" que desencadena corrupci\u00f3n de memoria, esta es una vulnerabilidad diferente a los CVE-2010-1285 y CVE-2010-2168."
    }
  ],
  "evaluatorSolution": "Per: http://www.adobe.com/support/security/bulletins/apsb10-15.html\r\n\r\n\u0027This update resolves an invalid pointer vulnerability that could lead to code execution (CVE-2010-2201).\u0027",
  "id": "CVE-2010-2201",
  "lastModified": "2024-11-21T01:16:08.607",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2010-06-30T18:30:01.520",
  "references": [
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.securityfocus.com/archive/1/512098"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.securityfocus.com/bid/41237"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.securitytracker.com/id?1024159"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.vupen.com/english/advisories/2010/1636"
    },
    {
      "source": "psirt@adobe.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6854"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/512098"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/41237"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1024159"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/1636"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6854"
    }
  ],
  "sourceIdentifier": "psirt@adobe.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2010-2201

Vulnerability from cvelistv5

Published

2010-06-30 18:00

Modified

2024-08-07 02:25