CVE-2010-2206

EUVD-2010-2222
Array index error in AcroForm.api in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted GIF image in a PDF file, which bypasses a size check and triggers a heap-based buffer overflow.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
Affected Products (NVD)
VendorProductVersion
adobeacrobat
9.0
adobeacrobat
9.1
adobeacrobat
9.1.1
adobeacrobat
9.1.2
adobeacrobat
9.1.3
adobeacrobat
9.2
adobeacrobat
9.3
adobeacrobat
9.3.1
adobeacrobat
9.3.2
adobeacrobat_reader
9.0
adobeacrobat_reader
9.1
adobeacrobat_reader
9.1.1
adobeacrobat_reader
9.1.2
adobeacrobat_reader
9.1.3
adobeacrobat_reader
9.2
adobeacrobat_reader
9.3
adobeacrobat_reader
9.3.1
adobeacrobat_reader
9.3.2
adobeacrobat
8.0
adobeacrobat
8.1
adobeacrobat
8.1.1
adobeacrobat
8.1.2
adobeacrobat
8.1.3
adobeacrobat
8.1.4
adobeacrobat
8.1.5
adobeacrobat
8.1.6
adobeacrobat
8.1.7
adobeacrobat
8.2
adobeacrobat
8.2.1
adobeacrobat
8.2.2
adobeacrobat_reader
8.0
adobeacrobat_reader
8.1
adobeacrobat_reader
8.1.1
adobeacrobat_reader
8.1.2
adobeacrobat_reader
8.1.4
adobeacrobat_reader
8.1.5
adobeacrobat_reader
8.1.6
adobeacrobat_reader
8.1.7
adobeacrobat_reader
8.2.1
adobeacrobat_reader
8.2.2
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
acroread
dapper
ignored
hardy
Fixed 9.3.3-1hardy1
released
jaunty
Fixed 9.3.3-1jaunty1
released
karmic
Fixed 9.3.3-1karmic1
released
lucid
Fixed 9.3.3-1lucid1
released
Common Weakness Enumeration
References
http://secunia.com/secunia_research/2010-88/
http://www.adobe.com/support/security/bulletins/apsb10-15.html
http://www.securityfocus.com/archive/1/512092/100/0/threaded
http://www.securityfocus.com/bid/41241
http://www.securitytracker.com/id?1024159
http://www.vupen.com/english/advisories/2010/1636
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7200
http://secunia.com/secunia_research/2010-88/
http://www.adobe.com/support/security/bulletins/apsb10-15.html
http://www.securityfocus.com/archive/1/512092/100/0/threaded
http://www.securityfocus.com/bid/41241
http://www.securitytracker.com/id?1024159
http://www.vupen.com/english/advisories/2010/1636
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7200