CVE-2010-2206

Array index error in AcroForm.api in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted GIF image in a PDF file, which bypasses a size check and triggers a heap-based buffer overflow.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
OR cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
OR cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

History

21 Nov 2024, 01:16

Type Values Removed Values Added
References () http://secunia.com/secunia_research/2010-88/ - () http://secunia.com/secunia_research/2010-88/ -
References () http://www.adobe.com/support/security/bulletins/apsb10-15.html - Patch, Vendor Advisory () http://www.adobe.com/support/security/bulletins/apsb10-15.html - Patch, Vendor Advisory
References () http://www.securityfocus.com/archive/1/512092/100/0/threaded - () http://www.securityfocus.com/archive/1/512092/100/0/threaded -
References () http://www.securityfocus.com/bid/41241 - () http://www.securityfocus.com/bid/41241 -
References () http://www.securitytracker.com/id?1024159 - () http://www.securitytracker.com/id?1024159 -
References () http://www.vupen.com/english/advisories/2010/1636 - () http://www.vupen.com/english/advisories/2010/1636 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7200 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7200 -

Information

Published : 2010-06-30 18:30

Updated : 2024-11-21 01:16


NVD link : CVE-2010-2206

Mitre link : CVE-2010-2206

CVE.ORG link : CVE-2010-2206


JSON object : View

Products Affected

apple

  • mac_os_x

microsoft

  • windows

adobe

  • acrobat
  • acrobat_reader
CWE
CWE-189

Numeric Errors