fkie_nvd - fkie_cve-2010-2206

fkie_cve-2010-2206

Vulnerability from fkie_nvd

Published

2010-06-30 18:30

Modified

2024-11-21 01:16

Severity ?

Summary

Array index error in AcroForm.api in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted GIF image in a PDF file, which bypasses a size check and triggers a heap-based buffer overflow.

References

URL	Tags
psirt@adobe.com	http://secunia.com/secunia_research/2010-88/
psirt@adobe.com	http://www.adobe.com/support/security/bulletins/apsb10-15.html	Patch, Vendor Advisory
psirt@adobe.com	http://www.securityfocus.com/archive/1/512092/100/0/threaded
psirt@adobe.com	http://www.securityfocus.com/bid/41241
psirt@adobe.com	http://www.securitytracker.com/id?1024159
psirt@adobe.com	http://www.vupen.com/english/advisories/2010/1636
psirt@adobe.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7200
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2010-88/
af854a3a-2127-422b-91ae-364da2661108	http://www.adobe.com/support/security/bulletins/apsb10-15.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/512092/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/41241
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1024159
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/1636
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7200

Impacted products

Vendor	Product	Version
adobe	acrobat	9.0
adobe	acrobat	9.1
adobe	acrobat	9.1.1
adobe	acrobat	9.1.2
adobe	acrobat	9.1.3
adobe	acrobat	9.2
adobe	acrobat	9.3
adobe	acrobat	9.3.1
adobe	acrobat	9.3.2
apple	mac_os_x	*
microsoft	windows	*
adobe	acrobat_reader	9.0
adobe	acrobat_reader	9.1
adobe	acrobat_reader	9.1.1
adobe	acrobat_reader	9.1.2
adobe	acrobat_reader	9.1.3
adobe	acrobat_reader	9.2
adobe	acrobat_reader	9.3
adobe	acrobat_reader	9.3.1
adobe	acrobat_reader	9.3.2
apple	mac_os_x	*
microsoft	windows	*
adobe	acrobat	8.0
adobe	acrobat	8.1
adobe	acrobat	8.1.1
adobe	acrobat	8.1.2
adobe	acrobat	8.1.3
adobe	acrobat	8.1.4
adobe	acrobat	8.1.5
adobe	acrobat	8.1.6
adobe	acrobat	8.1.7
adobe	acrobat	8.2
adobe	acrobat	8.2.1
adobe	acrobat	8.2.2
apple	mac_os_x	*
microsoft	windows	*
adobe	acrobat_reader	8.0
adobe	acrobat_reader	8.1
adobe	acrobat_reader	8.1.1
adobe	acrobat_reader	8.1.2
adobe	acrobat_reader	8.1.4
adobe	acrobat_reader	8.1.5
adobe	acrobat_reader	8.1.6
adobe	acrobat_reader	8.1.7
adobe	acrobat_reader	8.2.1
adobe	acrobat_reader	8.2.2
apple	mac_os_x	*
microsoft	windows	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AA53564-9ACD-4CFB-9AAC-A77440026A57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7EC46E3-77B7-4455-B3E0-A45C6B69B3DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F475858-DCE2-4C93-A51A-04718DF17593",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "88687272-4CD0-42A2-B727-C322ABDE3549",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E5C4FA4-3786-47AF-BD7D-8E75927EB3AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B35CC915-EEE3-4E86-9E09-1893C725E07B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "76201694-E5C5-4CA3-8919-46937AFDAAE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "397AB988-1C2C-4247-9B34-806094197CB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA0B8C3-8060-4685-A241-9852BD63B7A0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "562772F1-1627-438E-A6B8-7D1AA5536086",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27D5AF92-A8E1-41BD-B20A-EB26BB6AD4DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F25C9167-C6D4-4264-9197-50878EDA2D96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD1D7308-09E9-42B2-8836-DC2326C62A9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5C251D2-4C9B-4029-8BED-0FCAED3B8E89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2432AC17-5378-4C61-A775-5172FD44EC03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6BA82F4-470D-4A46-89B2-D2F3C8FA31C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "39EDED39-664F-4B68-B422-2CCCA3B83550",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B508C5CE-1386-47B3-B301-B78DBB3A75D9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "26AE76F7-D7F6-4AF2-A5C6-708B5642C288",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "749FFB51-65D4-4A4B-95F3-742440276897",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8665E53-EC1E-4B95-9064-2565BC12113E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "24218FDA-F9DA-465A-B5D5-76A55C7EE04E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2C5F1C5-85CD-47B9-897F-E51D6902AF72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0E190FF-3EBC-44AB-8072-4D964E843E8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A624D44-C135-4ED3-9BA4-F4F8A044850B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B95C0A99-42E4-40A9-BF61-507E4E4DC052",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B9F55CC-3681-4A67-99D1-3F40447392D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9C0AC89-804B-44A1-929A-118993B6BAA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "39B174C3-1BA6-4654-BFA4-CC126454E147",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6ACDAA2B-3977-4590-9F16-5DDB6FF6545B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "996EB48E-D2A8-49E4-915A-EBDE26A9FB94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "97E20936-EE31-4CEB-A710-3165A28BAD69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BD9952C-A1D0-4DFB-A292-9B86D7EAE5FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5BEA847-A71E-4336-AB67-B3C38847C1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "39F6994B-6969-485B-9286-2592B11A47BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC533775-B52E-43F0-BF19-1473BE36232D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "18D1C85E-42CC-46F2-A7B6-DAC3C3995330",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4670451-511E-496C-A78A-887366E1E992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "35994F76-CD13-4301-9134-FC0CBEA37D97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FB61191-F955-4DE6-A86B-36E031DE1F99",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Array index error in AcroForm.api in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted GIF image in a PDF file, which bypasses a size check and triggers a heap-based buffer overflow."
    },
    {
      "lang": "es",
      "value": "Error de \u00edndice de matriz en archivo AcroForm.api en Adobe Reader y Acrobat versi\u00f3n 9.x anterior a 9.3.3 y versi\u00f3n 8.x anterior a 8.2.3 en Windows y Mac OS X, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de una imagen GIF creada en un archivo PDF, lo que omite una comprobaci\u00f3n de tama\u00f1o y desencadena un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria."
    }
  ],
  "evaluatorSolution": "Per: http://www.adobe.com/support/security/bulletins/apsb10-15.html\r\n\r\n\u0027This update resolves an array-indexing error vulnerability that could lead to code execution (CVE-2010-2206).\u0027",
  "id": "CVE-2010-2206",
  "lastModified": "2024-11-21T01:16:09.160",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2010-06-30T18:30:01.660",
  "references": [
    {
      "source": "psirt@adobe.com",
      "url": "http://secunia.com/secunia_research/2010-88/"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.securityfocus.com/archive/1/512092/100/0/threaded"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.securityfocus.com/bid/41241"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.securitytracker.com/id?1024159"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.vupen.com/english/advisories/2010/1636"
    },
    {
      "source": "psirt@adobe.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7200"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/secunia_research/2010-88/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/512092/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/41241"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1024159"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/1636"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7200"
    }
  ],
  "sourceIdentifier": "psirt@adobe.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2010-2206

Vulnerability from cvelistv5

Published

2010-06-30 18:00

Modified

2024-08-07 02:25