Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2010-4091 (GCVE-0-2010-4091)
Vulnerability from cvelistv5 – Published: 2010-11-07 21:00 – Updated: 2024-08-07 03:34
VLAI
EPSS
Summary
The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
22 references
Date Public
2010-11-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.763Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42095",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42095"
},
{
"name": "69005",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/69005"
},
{
"name": "ADV-2011-0191",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"name": "43025",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43025"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html"
},
{
"name": "ADV-2010-3111",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3111"
},
{
"name": "ADV-2010-2890",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2890"
},
{
"name": "GLSA-201101-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"name": "44638",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44638"
},
{
"name": "RHSA-2010:0934",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
},
{
"name": "20101103 [0dayz] Acrobat Reader Memory Corruption Remote Arbitrary Code Execution",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html"
},
{
"name": "ADV-2011-0337",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"name": "1025033",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025033"
},
{
"name": "42401",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42401"
},
{
"name": "1024684",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024684"
},
{
"name": "oval:org.mitre.oval:def:12527",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12527"
},
{
"name": "15419",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/15419"
},
{
"name": "adobe-reader-pdf-file-ce(62996)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62996"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"name": "SUSE-SA:2010:058",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "42095",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42095"
},
{
"name": "69005",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/69005"
},
{
"name": "ADV-2011-0191",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"name": "43025",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43025"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html"
},
{
"name": "ADV-2010-3111",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3111"
},
{
"name": "ADV-2010-2890",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2890"
},
{
"name": "GLSA-201101-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"name": "44638",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44638"
},
{
"name": "RHSA-2010:0934",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
},
{
"name": "20101103 [0dayz] Acrobat Reader Memory Corruption Remote Arbitrary Code Execution",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html"
},
{
"name": "ADV-2011-0337",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"name": "1025033",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025033"
},
{
"name": "42401",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42401"
},
{
"name": "1024684",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024684"
},
{
"name": "oval:org.mitre.oval:def:12527",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12527"
},
{
"name": "15419",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/15419"
},
{
"name": "adobe-reader-pdf-file-ce(62996)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62996"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"name": "SUSE-SA:2010:058",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2010-4091",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42095",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42095"
},
{
"name": "69005",
"refsource": "OSVDB",
"url": "http://osvdb.org/69005"
},
{
"name": "ADV-2011-0191",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"name": "43025",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43025"
},
{
"name": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html",
"refsource": "MISC",
"url": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html"
},
{
"name": "ADV-2010-3111",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3111"
},
{
"name": "ADV-2010-2890",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2890"
},
{
"name": "GLSA-201101-08",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"name": "44638",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44638"
},
{
"name": "RHSA-2010:0934",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
},
{
"name": "20101103 [0dayz] Acrobat Reader Memory Corruption Remote Arbitrary Code Execution",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html"
},
{
"name": "ADV-2011-0337",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"name": "1025033",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025033"
},
{
"name": "42401",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42401"
},
{
"name": "1024684",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024684"
},
{
"name": "oval:org.mitre.oval:def:12527",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12527"
},
{
"name": "15419",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15419"
},
{
"name": "adobe-reader-pdf-file-ce(62996)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62996"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb10-28.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"name": "SUSE-SA:2010:058",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb11-03.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"name": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html",
"refsource": "MISC",
"url": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2010-4091",
"datePublished": "2010-11-07T21:00:00.000Z",
"dateReserved": "2010-10-25T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:34:37.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2010-4091",
"date": "2026-05-28",
"epss": "0.41046",
"percentile": "0.97448"
},
"fkie_nvd": {
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"996EB48E-D2A8-49E4-915A-EBDE26A9FB94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"97E20936-EE31-4CEB-A710-3165A28BAD69\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5BD9952C-A1D0-4DFB-A292-9B86D7EAE5FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C5BEA847-A71E-4336-AB67-B3C38847C1C3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39F6994B-6969-485B-9286-2592B11A47BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FC533775-B52E-43F0-BF19-1473BE36232D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"18D1C85E-42CC-46F2-A7B6-DAC3C3995330\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C4670451-511E-496C-A78A-887366E1E992\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:8.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A2A4F62-7AB5-4134-9A65-4B4E1EA262A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"35994F76-CD13-4301-9134-FC0CBEA37D97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0FB61191-F955-4DE6-A86B-36E031DE1F99\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E32D68D5-6A79-454B-B14F-9BC865413E3B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:8.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A57581C-A139-41C3-B9DB-0C4CFA7A1BB2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"562772F1-1627-438E-A6B8-7D1AA5536086\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"27D5AF92-A8E1-41BD-B20A-EB26BB6AD4DE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F25C9167-C6D4-4264-9197-50878EDA2D96\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DD1D7308-09E9-42B2-8836-DC2326C62A9E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5C251D2-4C9B-4029-8BED-0FCAED3B8E89\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2432AC17-5378-4C61-A775-5172FD44EC03\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B6BA82F4-470D-4A46-89B2-D2F3C8FA31C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39EDED39-664F-4B68-B422-2CCCA3B83550\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B508C5CE-1386-47B3-B301-B78DBB3A75D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DDC2EEB6-D5EC-430F-962A-1279C9970441\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8DC590C7-5BDE-4E46-9605-01E95B17F01F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DCFE67F4-6907-4967-96A3-1757EADA72BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9731EFE2-A5BE-4389-A92D-DDC573633B6C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0FF5999A-9D12-4CDD-8DE9-A89C10B2D574\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CF61F35-5905-4BA9-AD7E-7DB261D2F256\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"26AE76F7-D7F6-4AF2-A5C6-708B5642C288\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"749FFB51-65D4-4A4B-95F3-742440276897\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C8665E53-EC1E-4B95-9064-2565BC12113E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"24218FDA-F9DA-465A-B5D5-76A55C7EE04E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2C5F1C5-85CD-47B9-897F-E51D6902AF72\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0E190FF-3EBC-44AB-8072-4D964E843E8A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A624D44-C135-4ED3-9BA4-F4F8A044850B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B95C0A99-42E4-40A9-BF61-507E4E4DC052\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B9F55CC-3681-4A67-99D1-3F40447392D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9C0AC89-804B-44A1-929A-118993B6BAA7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39B174C3-1BA6-4654-BFA4-CC126454E147\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6ACDAA2B-3977-4590-9F16-5DDB6FF6545B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:8.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB7C4E07-0909-4114-BBFB-92626AFC49BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:8.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7832B75B-7868-44DE-A9A4-CBD9CC117DB4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5AA53564-9ACD-4CFB-9AAC-A77440026A57\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7EC46E3-77B7-4455-B3E0-A45C6B69B3DC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4F475858-DCE2-4C93-A51A-04718DF17593\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"88687272-4CD0-42A2-B727-C322ABDE3549\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1E5C4FA4-3786-47AF-BD7D-8E75927EB3AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B35CC915-EEE3-4E86-9E09-1893C725E07B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"76201694-E5C5-4CA3-8919-46937AFDAAE3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"397AB988-1C2C-4247-9B34-806094197CB5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8FA0B8C3-8060-4685-A241-9852BD63B7A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4AB9BBDE-634A-47CF-BA49-67382B547900\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F56B1726-4F05-4732-9D8B-077EF593EAEC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A258374F-55CB-48D2-9094-CD70E1288F60\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B57C5136-7853-478B-A342-6013528B41B4\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0FF5999A-9D12-4CDD-8DE9-A89C10B2D574\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CF61F35-5905-4BA9-AD7E-7DB261D2F256\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.\"}, {\"lang\": \"es\", \"value\": \"El plugin EScript.api en Adobe Reader y Acrobat versi\\u00f3n 10.x anterior a 10.0.1, versi\\u00f3n 9.x anterior a 9.4.1 y versi\\u00f3n 8.x anterior a 8.2.6 en Windows y Mac OS X, permite a los atacantes remotos ejecutar c\\u00f3digo arbitrario o causar una denegaci\\u00f3n de servicio (bloqueo de aplicaci\\u00f3n) por medio de un documento PDF creado que desencadena una corrupci\\u00f3n de memoria, que involucran a la funci\\u00f3n printSeps. NOTA: algunos de estos datos se consiguen de la informaci\\u00f3n de terceros.\"}]",
"id": "CVE-2010-4091",
"lastModified": "2024-11-21T01:20:13.397",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
"published": "2010-11-07T22:00:03.410",
"references": "[{\"url\": \"http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html\", \"source\": \"psirt@adobe.com\"}, {\"url\": \"http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html\", \"source\": \"psirt@adobe.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html\", \"source\": \"psirt@adobe.com\"}, {\"url\": \"http://osvdb.org/69005\", \"source\": \"psirt@adobe.com\"}, {\"url\": \"http://secunia.com/advisories/42095\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/42401\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/43025\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-201101-08.xml\", \"source\": \"psirt@adobe.com\"}, {\"url\": \"http://www.adobe.com/support/security/bulletins/apsb10-28.html\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.adobe.com/support/security/bulletins/apsb11-03.html\", \"source\": \"psirt@adobe.com\"}, {\"url\": \"http://www.exploit-db.com/exploits/15419\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0934.html\", \"source\": \"psirt@adobe.com\"}, {\"url\": \"http://www.securityfocus.com/bid/44638\", \"source\": \"psirt@adobe.com\"}, {\"url\": \"http://www.securitytracker.com/id?1024684\", \"source\": \"psirt@adobe.com\"}, {\"url\": \"http://www.securitytracker.com/id?1025033\", \"source\": \"psirt@adobe.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/2890\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/3111\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0191\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0337\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/62996\", \"source\": \"psirt@adobe.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12527\", \"source\": \"psirt@adobe.com\"}, {\"url\": \"http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://osvdb.org/69005\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/42095\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/42401\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/43025\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-201101-08.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.adobe.com/support/security/bulletins/apsb10-28.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.adobe.com/support/security/bulletins/apsb11-03.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.exploit-db.com/exploits/15419\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0934.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/44638\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1024684\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1025033\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/2890\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/3111\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0191\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0337\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/62996\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12527\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2010-4091\",\"sourceIdentifier\":\"psirt@adobe.com\",\"published\":\"2010-11-07T22:00:03.410\",\"lastModified\":\"2026-04-29T01:13:23.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.\"},{\"lang\":\"es\",\"value\":\"El plugin EScript.api en Adobe Reader y Acrobat versi\u00f3n 10.x anterior a 10.0.1, versi\u00f3n 9.x anterior a 9.4.1 y versi\u00f3n 8.x anterior a 8.2.6 en Windows y Mac OS X, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (bloqueo de aplicaci\u00f3n) por medio de un documento PDF creado que desencadena una corrupci\u00f3n de memoria, que involucran a la funci\u00f3n printSeps. NOTA: algunos de estos datos se consiguen de la informaci\u00f3n de terceros.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"996EB48E-D2A8-49E4-915A-EBDE26A9FB94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97E20936-EE31-4CEB-A710-3165A28BAD69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BD9952C-A1D0-4DFB-A292-9B86D7EAE5FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5BEA847-A71E-4336-AB67-B3C38847C1C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39F6994B-6969-485B-9286-2592B11A47BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC533775-B52E-43F0-BF19-1473BE36232D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18D1C85E-42CC-46F2-A7B6-DAC3C3995330\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4670451-511E-496C-A78A-887366E1E992\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A2A4F62-7AB5-4134-9A65-4B4E1EA262A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35994F76-CD13-4301-9134-FC0CBEA37D97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FB61191-F955-4DE6-A86B-36E031DE1F99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E32D68D5-6A79-454B-B14F-9BC865413E3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A57581C-A139-41C3-B9DB-0C4CFA7A1BB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"562772F1-1627-438E-A6B8-7D1AA5536086\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27D5AF92-A8E1-41BD-B20A-EB26BB6AD4DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F25C9167-C6D4-4264-9197-50878EDA2D96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD1D7308-09E9-42B2-8836-DC2326C62A9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5C251D2-4C9B-4029-8BED-0FCAED3B8E89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2432AC17-5378-4C61-A775-5172FD44EC03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6BA82F4-470D-4A46-89B2-D2F3C8FA31C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39EDED39-664F-4B68-B422-2CCCA3B83550\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B508C5CE-1386-47B3-B301-B78DBB3A75D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDC2EEB6-D5EC-430F-962A-1279C9970441\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DC590C7-5BDE-4E46-9605-01E95B17F01F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCFE67F4-6907-4967-96A3-1757EADA72BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9731EFE2-A5BE-4389-A92D-DDC573633B6C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FF5999A-9D12-4CDD-8DE9-A89C10B2D574\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CF61F35-5905-4BA9-AD7E-7DB261D2F256\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26AE76F7-D7F6-4AF2-A5C6-708B5642C288\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"749FFB51-65D4-4A4B-95F3-742440276897\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8665E53-EC1E-4B95-9064-2565BC12113E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24218FDA-F9DA-465A-B5D5-76A55C7EE04E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2C5F1C5-85CD-47B9-897F-E51D6902AF72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0E190FF-3EBC-44AB-8072-4D964E843E8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A624D44-C135-4ED3-9BA4-F4F8A044850B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B95C0A99-42E4-40A9-BF61-507E4E4DC052\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B9F55CC-3681-4A67-99D1-3F40447392D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9C0AC89-804B-44A1-929A-118993B6BAA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39B174C3-1BA6-4654-BFA4-CC126454E147\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6ACDAA2B-3977-4590-9F16-5DDB6FF6545B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB7C4E07-0909-4114-BBFB-92626AFC49BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7832B75B-7868-44DE-A9A4-CBD9CC117DB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AA53564-9ACD-4CFB-9AAC-A77440026A57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7EC46E3-77B7-4455-B3E0-A45C6B69B3DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F475858-DCE2-4C93-A51A-04718DF17593\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88687272-4CD0-42A2-B727-C322ABDE3549\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E5C4FA4-3786-47AF-BD7D-8E75927EB3AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B35CC915-EEE3-4E86-9E09-1893C725E07B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76201694-E5C5-4CA3-8919-46937AFDAAE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"397AB988-1C2C-4247-9B34-806094197CB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FA0B8C3-8060-4685-A241-9852BD63B7A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AB9BBDE-634A-47CF-BA49-67382B547900\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F56B1726-4F05-4732-9D8B-077EF593EAEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A258374F-55CB-48D2-9094-CD70E1288F60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B57C5136-7853-478B-A342-6013528B41B4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FF5999A-9D12-4CDD-8DE9-A89C10B2D574\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CF61F35-5905-4BA9-AD7E-7DB261D2F256\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://osvdb.org/69005\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://secunia.com/advisories/42095\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/42401\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/43025\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-201101-08.xml\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb10-28.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb11-03.html\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.exploit-db.com/exploits/15419\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0934.html\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.securityfocus.com/bid/44638\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.securitytracker.com/id?1024684\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.securitytracker.com/id?1025033\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/2890\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/3111\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0191\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0337\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/62996\",\"source\":\"psirt@adobe.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12527\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/69005\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/42095\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/42401\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/43025\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-201101-08.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb10-28.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb11-03.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.exploit-db.com/exploits/15419\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0934.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/44638\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1024684\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1025033\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/2890\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/3111\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0191\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0337\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/62996\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12527\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
CERTA-2010-AVI-551
Vulnerability from certfr_avis - Published: - Updated:
Deux vulnérabilités dans Adobe Reader et Acrobat permettent à un utilisateur malveillant d'exécuter du code arbitraire. Leur exploitation peut se faire à distance par l'intermédiaire des greffons dans les navigateurs.
Description
Deux vulnérabilités permettent à un utilisateur malveillant d'exécuter du code arbitraire :
- une corruption de la mémoire affecte uniquement les versions 9.x d'Adobe Reader et d'Acrobat ;
- une autre corruption de la mémoire n'affecte qu'Adobe Reader.
L'exploitation de ces vulnérabilités peut se faire à distance par l'intermédiaire des greffons dans les navigateurs.
Solution
La version 9.4.1 des deux logiciels remédie à ces problèmes.
Le correctif pour Acrobat sur Unix sera publié le 30 novembre 2010.
Le correctif pour la version 8 sera publié ultérieurement.
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Adobe Reader et Acrobat 9.x \u00e0 partir de la version 9.2 pour les syst\u00e8mes UNIX.",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Reader et Acrobat 9.x \u00e0 partir de la version 9.2 et 8.x \u00e0 partir de la version 8.1.7, pour les syst\u00e8mes Windows et Macintosh ;",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s permettent \u00e0 un utilisateur malveillant d\u0027ex\u00e9cuter\ndu code arbitraire\u00a0:\n\n- une corruption de la m\u00e9moire affecte uniquement les versions 9.x\n d\u0027Adobe Reader et d\u0027Acrobat\u00a0;\n- une autre corruption de la m\u00e9moire n\u0027affecte qu\u0027Adobe Reader.\n\nL\u0027exploitation de ces vuln\u00e9rabilit\u00e9s peut se faire \u00e0 distance par\nl\u0027interm\u00e9diaire des greffons dans les navigateurs.\n\n## Solution\n\nLa version 9.4.1 des deux logiciels rem\u00e9die \u00e0 ces probl\u00e8mes.\n\nLe correctif pour Acrobat sur Unix sera publi\u00e9 le 30 novembre 2010.\n\nLe correctif pour la version 8 sera publi\u00e9 ult\u00e9rieurement.\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2010-3654",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3654"
},
{
"name": "CVE-2010-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4091"
}
],
"links": [
{
"title": "Document du CERTA CERTA-2010-ALE-020 du 17 novembre 2010 :",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2010-ALE-020/index.html"
}
],
"reference": "CERTA-2010-AVI-551",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2010-11-17T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
}
],
"summary": "Deux vuln\u00e9rabilit\u00e9s dans Adobe Reader et Acrobat permettent \u00e0 un\nutilisateur malveillant d\u0027ex\u00e9cuter du code arbitraire. Leur exploitation\npeut se faire \u00e0 distance par l\u0027interm\u00e9diaire des greffons dans les\nnavigateurs.\n",
"title": "Vuln\u00e9rabilit\u00e9s dans Adobe Reader et Acrobat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb10-28 du 16 novembre 2010",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
}
]
}
CERTA-2011-AVI-076
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Adobe Reader et Adobe Acrobat. Certaines d'entre elles permettent l'exécution de code arbitraire à distance.
Description
Sur les 29 vulnérabilités corrigées, 27 d'entre-elles permettent à un utilisateur malveillant d'exécuter du code arbitraire à distance. Les autres permettent de l'injection de code indirecte à distance. Les vulnérabilités affectent différents modules, comme la gestion de l'affichage d'images ou de rendu 3D. Une personne malveillante peut les exploiter avec un fichier PDF spécialement conçu, qui sera ouvert par la victime.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Adobe Acrobat X (10.0) pour syst\u00e8mes Windows et Macintosh.",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Reader 9.4.1 et versions ant\u00e9rieures pour syst\u00e8mes Windows, Macintosh et Unix ;",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Reader X (10.0) pour syst\u00e8mes Windows et Macintosh ;",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nSur les 29 vuln\u00e9rabilit\u00e9s corrig\u00e9es, 27 d\u0027entre-elles permettent \u00e0 un\nutilisateur malveillant d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance. Les\nautres permettent de l\u0027injection de code indirecte \u00e0 distance. Les\nvuln\u00e9rabilit\u00e9s affectent diff\u00e9rents modules, comme la gestion de\nl\u0027affichage d\u0027images ou de rendu 3D. Une personne malveillante peut les\nexploiter avec un fichier PDF sp\u00e9cialement con\u00e7u, qui sera ouvert par la\nvictime.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-0591",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0591"
},
{
"name": "CVE-2011-0600",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0600"
},
{
"name": "CVE-2011-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0567"
},
{
"name": "CVE-2011-0605",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0605"
},
{
"name": "CVE-2011-0594",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0594"
},
{
"name": "CVE-2011-0568",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0568"
},
{
"name": "CVE-2011-0564",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0564"
},
{
"name": "CVE-2011-0590",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0590"
},
{
"name": "CVE-2011-0586",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0586"
},
{
"name": "CVE-2011-0596",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0596"
},
{
"name": "CVE-2011-0589",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0589"
},
{
"name": "CVE-2011-0606",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0606"
},
{
"name": "CVE-2011-0588",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0588"
},
{
"name": "CVE-2011-0598",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0598"
},
{
"name": "CVE-2011-0566",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0566"
},
{
"name": "CVE-2011-0585",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0585"
},
{
"name": "CVE-2011-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0563"
},
{
"name": "CVE-2011-0602",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0602"
},
{
"name": "CVE-2011-0587",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0587"
},
{
"name": "CVE-2011-0593",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0593"
},
{
"name": "CVE-2011-0599",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0599"
},
{
"name": "CVE-2011-0595",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0595"
},
{
"name": "CVE-2011-0565",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0565"
},
{
"name": "CVE-2011-0570",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0570"
},
{
"name": "CVE-2010-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4091"
},
{
"name": "CVE-2011-0603",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0603"
},
{
"name": "CVE-2011-0604",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0604"
},
{
"name": "CVE-2011-0562",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0562"
},
{
"name": "CVE-2011-0592",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0592"
}
],
"links": [],
"reference": "CERTA-2011-AVI-076",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2011-02-09T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Adobe Reader et Adobe\nAcrobat. Certaines d\u0027entre elles permettent l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Adobe Reader et Adobe Acrobat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb11-03 du 09 f\u00e9vrier 2011",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
}
]
}
CERTA-2010-AVI-551
Vulnerability from certfr_avis - Published: - Updated:
Deux vulnérabilités dans Adobe Reader et Acrobat permettent à un utilisateur malveillant d'exécuter du code arbitraire. Leur exploitation peut se faire à distance par l'intermédiaire des greffons dans les navigateurs.
Description
Deux vulnérabilités permettent à un utilisateur malveillant d'exécuter du code arbitraire :
- une corruption de la mémoire affecte uniquement les versions 9.x d'Adobe Reader et d'Acrobat ;
- une autre corruption de la mémoire n'affecte qu'Adobe Reader.
L'exploitation de ces vulnérabilités peut se faire à distance par l'intermédiaire des greffons dans les navigateurs.
Solution
La version 9.4.1 des deux logiciels remédie à ces problèmes.
Le correctif pour Acrobat sur Unix sera publié le 30 novembre 2010.
Le correctif pour la version 8 sera publié ultérieurement.
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Adobe Reader et Acrobat 9.x \u00e0 partir de la version 9.2 pour les syst\u00e8mes UNIX.",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Reader et Acrobat 9.x \u00e0 partir de la version 9.2 et 8.x \u00e0 partir de la version 8.1.7, pour les syst\u00e8mes Windows et Macintosh ;",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s permettent \u00e0 un utilisateur malveillant d\u0027ex\u00e9cuter\ndu code arbitraire\u00a0:\n\n- une corruption de la m\u00e9moire affecte uniquement les versions 9.x\n d\u0027Adobe Reader et d\u0027Acrobat\u00a0;\n- une autre corruption de la m\u00e9moire n\u0027affecte qu\u0027Adobe Reader.\n\nL\u0027exploitation de ces vuln\u00e9rabilit\u00e9s peut se faire \u00e0 distance par\nl\u0027interm\u00e9diaire des greffons dans les navigateurs.\n\n## Solution\n\nLa version 9.4.1 des deux logiciels rem\u00e9die \u00e0 ces probl\u00e8mes.\n\nLe correctif pour Acrobat sur Unix sera publi\u00e9 le 30 novembre 2010.\n\nLe correctif pour la version 8 sera publi\u00e9 ult\u00e9rieurement.\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2010-3654",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3654"
},
{
"name": "CVE-2010-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4091"
}
],
"links": [
{
"title": "Document du CERTA CERTA-2010-ALE-020 du 17 novembre 2010 :",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2010-ALE-020/index.html"
}
],
"reference": "CERTA-2010-AVI-551",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2010-11-17T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
}
],
"summary": "Deux vuln\u00e9rabilit\u00e9s dans Adobe Reader et Acrobat permettent \u00e0 un\nutilisateur malveillant d\u0027ex\u00e9cuter du code arbitraire. Leur exploitation\npeut se faire \u00e0 distance par l\u0027interm\u00e9diaire des greffons dans les\nnavigateurs.\n",
"title": "Vuln\u00e9rabilit\u00e9s dans Adobe Reader et Acrobat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb10-28 du 16 novembre 2010",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
}
]
}
CERTA-2011-AVI-076
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Adobe Reader et Adobe Acrobat. Certaines d'entre elles permettent l'exécution de code arbitraire à distance.
Description
Sur les 29 vulnérabilités corrigées, 27 d'entre-elles permettent à un utilisateur malveillant d'exécuter du code arbitraire à distance. Les autres permettent de l'injection de code indirecte à distance. Les vulnérabilités affectent différents modules, comme la gestion de l'affichage d'images ou de rendu 3D. Une personne malveillante peut les exploiter avec un fichier PDF spécialement conçu, qui sera ouvert par la victime.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Adobe Acrobat X (10.0) pour syst\u00e8mes Windows et Macintosh.",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Reader 9.4.1 et versions ant\u00e9rieures pour syst\u00e8mes Windows, Macintosh et Unix ;",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Reader X (10.0) pour syst\u00e8mes Windows et Macintosh ;",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nSur les 29 vuln\u00e9rabilit\u00e9s corrig\u00e9es, 27 d\u0027entre-elles permettent \u00e0 un\nutilisateur malveillant d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance. Les\nautres permettent de l\u0027injection de code indirecte \u00e0 distance. Les\nvuln\u00e9rabilit\u00e9s affectent diff\u00e9rents modules, comme la gestion de\nl\u0027affichage d\u0027images ou de rendu 3D. Une personne malveillante peut les\nexploiter avec un fichier PDF sp\u00e9cialement con\u00e7u, qui sera ouvert par la\nvictime.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-0591",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0591"
},
{
"name": "CVE-2011-0600",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0600"
},
{
"name": "CVE-2011-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0567"
},
{
"name": "CVE-2011-0605",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0605"
},
{
"name": "CVE-2011-0594",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0594"
},
{
"name": "CVE-2011-0568",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0568"
},
{
"name": "CVE-2011-0564",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0564"
},
{
"name": "CVE-2011-0590",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0590"
},
{
"name": "CVE-2011-0586",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0586"
},
{
"name": "CVE-2011-0596",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0596"
},
{
"name": "CVE-2011-0589",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0589"
},
{
"name": "CVE-2011-0606",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0606"
},
{
"name": "CVE-2011-0588",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0588"
},
{
"name": "CVE-2011-0598",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0598"
},
{
"name": "CVE-2011-0566",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0566"
},
{
"name": "CVE-2011-0585",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0585"
},
{
"name": "CVE-2011-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0563"
},
{
"name": "CVE-2011-0602",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0602"
},
{
"name": "CVE-2011-0587",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0587"
},
{
"name": "CVE-2011-0593",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0593"
},
{
"name": "CVE-2011-0599",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0599"
},
{
"name": "CVE-2011-0595",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0595"
},
{
"name": "CVE-2011-0565",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0565"
},
{
"name": "CVE-2011-0570",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0570"
},
{
"name": "CVE-2010-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4091"
},
{
"name": "CVE-2011-0603",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0603"
},
{
"name": "CVE-2011-0604",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0604"
},
{
"name": "CVE-2011-0562",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0562"
},
{
"name": "CVE-2011-0592",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0592"
}
],
"links": [],
"reference": "CERTA-2011-AVI-076",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2011-02-09T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Adobe Reader et Adobe\nAcrobat. Certaines d\u0027entre elles permettent l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Adobe Reader et Adobe Acrobat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb11-03 du 09 f\u00e9vrier 2011",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
}
]
}
FKIE_CVE-2010-4091
Vulnerability from fkie_nvd - Published: 2010-11-07 22:00 - Updated: 2026-04-29 01:13
Severity
Summary
The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "996EB48E-D2A8-49E4-915A-EBDE26A9FB94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "97E20936-EE31-4CEB-A710-3165A28BAD69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5BD9952C-A1D0-4DFB-A292-9B86D7EAE5FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C5BEA847-A71E-4336-AB67-B3C38847C1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39F6994B-6969-485B-9286-2592B11A47BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC533775-B52E-43F0-BF19-1473BE36232D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "18D1C85E-42CC-46F2-A7B6-DAC3C3995330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C4670451-511E-496C-A78A-887366E1E992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1A2A4F62-7AB5-4134-9A65-4B4E1EA262A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "35994F76-CD13-4301-9134-FC0CBEA37D97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0FB61191-F955-4DE6-A86B-36E031DE1F99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E32D68D5-6A79-454B-B14F-9BC865413E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2A57581C-A139-41C3-B9DB-0C4CFA7A1BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "562772F1-1627-438E-A6B8-7D1AA5536086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "27D5AF92-A8E1-41BD-B20A-EB26BB6AD4DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F25C9167-C6D4-4264-9197-50878EDA2D96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1D7308-09E9-42B2-8836-DC2326C62A9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B5C251D2-4C9B-4029-8BED-0FCAED3B8E89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2432AC17-5378-4C61-A775-5172FD44EC03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B6BA82F4-470D-4A46-89B2-D2F3C8FA31C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39EDED39-664F-4B68-B422-2CCCA3B83550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B508C5CE-1386-47B3-B301-B78DBB3A75D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2EEB6-D5EC-430F-962A-1279C9970441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8DC590C7-5BDE-4E46-9605-01E95B17F01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DCFE67F4-6907-4967-96A3-1757EADA72BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9731EFE2-A5BE-4389-A92D-DDC573633B6C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "26AE76F7-D7F6-4AF2-A5C6-708B5642C288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "749FFB51-65D4-4A4B-95F3-742440276897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8665E53-EC1E-4B95-9064-2565BC12113E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24218FDA-F9DA-465A-B5D5-76A55C7EE04E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E2C5F1C5-85CD-47B9-897F-E51D6902AF72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E190FF-3EBC-44AB-8072-4D964E843E8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6A624D44-C135-4ED3-9BA4-F4F8A044850B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B95C0A99-42E4-40A9-BF61-507E4E4DC052",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9F55CC-3681-4A67-99D1-3F40447392D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C0AC89-804B-44A1-929A-118993B6BAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39B174C3-1BA6-4654-BFA4-CC126454E147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACDAA2B-3977-4590-9F16-5DDB6FF6545B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BB7C4E07-0909-4114-BBFB-92626AFC49BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7832B75B-7868-44DE-A9A4-CBD9CC117DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5AA53564-9ACD-4CFB-9AAC-A77440026A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7EC46E3-77B7-4455-B3E0-A45C6B69B3DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F475858-DCE2-4C93-A51A-04718DF17593",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "88687272-4CD0-42A2-B727-C322ABDE3549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1E5C4FA4-3786-47AF-BD7D-8E75927EB3AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B35CC915-EEE3-4E86-9E09-1893C725E07B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "76201694-E5C5-4CA3-8919-46937AFDAAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "397AB988-1C2C-4247-9B34-806094197CB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8FA0B8C3-8060-4685-A241-9852BD63B7A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB9BBDE-634A-47CF-BA49-67382B547900",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F56B1726-4F05-4732-9D8B-077EF593EAEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A258374F-55CB-48D2-9094-CD70E1288F60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B57C5136-7853-478B-A342-6013528B41B4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "El plugin EScript.api en Adobe Reader y Acrobat versi\u00f3n 10.x anterior a 10.0.1, versi\u00f3n 9.x anterior a 9.4.1 y versi\u00f3n 8.x anterior a 8.2.6 en Windows y Mac OS X, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (bloqueo de aplicaci\u00f3n) por medio de un documento PDF creado que desencadena una corrupci\u00f3n de memoria, que involucran a la funci\u00f3n printSeps. NOTA: algunos de estos datos se consiguen de la informaci\u00f3n de terceros."
}
],
"id": "CVE-2010-4091",
"lastModified": "2026-04-29T01:13:23.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-11-07T22:00:03.410",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html"
},
{
"source": "psirt@adobe.com",
"url": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html"
},
{
"source": "psirt@adobe.com",
"url": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html"
},
{
"source": "psirt@adobe.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
},
{
"source": "psirt@adobe.com",
"url": "http://osvdb.org/69005"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42095"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42401"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43025"
},
{
"source": "psirt@adobe.com",
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"source": "psirt@adobe.com",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/15419"
},
{
"source": "psirt@adobe.com",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/44638"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id?1024684"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id?1025033"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2890"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3111"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"source": "psirt@adobe.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62996"
},
{
"source": "psirt@adobe.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12527"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/69005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42401"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/15419"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/44638"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1024684"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2890"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62996"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12527"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-G5VR-3WPW-49PH
Vulnerability from github – Published: 2022-05-14 02:18 – Updated: 2022-05-14 02:18
VLAI
Details
The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.
{
"affected": [],
"aliases": [
"CVE-2010-4091"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2010-11-07T22:00:00Z",
"severity": "HIGH"
},
"details": "The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.",
"id": "GHSA-g5vr-3wpw-49ph",
"modified": "2022-05-14T02:18:03Z",
"published": "2022-05-14T02:18:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4091"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62996"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12527"
},
{
"type": "WEB",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html"
},
{
"type": "WEB",
"url": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html"
},
{
"type": "WEB",
"url": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
},
{
"type": "WEB",
"url": "http://osvdb.org/69005"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/42095"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/42401"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/43025"
},
{
"type": "WEB",
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"type": "WEB",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"type": "WEB",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"type": "WEB",
"url": "http://www.exploit-db.com/exploits/15419"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/44638"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id?1024684"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id?1025033"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2010/2890"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2010/3111"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2011/0337"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2010-4091
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2010-4091",
"description": "The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.",
"id": "GSD-2010-4091",
"references": [
"https://www.suse.com/security/cve/CVE-2010-4091.html",
"https://access.redhat.com/errata/RHSA-2010:0934"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2010-4091"
],
"details": "The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.",
"id": "GSD-2010-4091",
"modified": "2023-12-13T01:21:29.653714Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2010-4091",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42095",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42095"
},
{
"name": "69005",
"refsource": "OSVDB",
"url": "http://osvdb.org/69005"
},
{
"name": "ADV-2011-0191",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"name": "43025",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43025"
},
{
"name": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html",
"refsource": "MISC",
"url": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html"
},
{
"name": "ADV-2010-3111",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3111"
},
{
"name": "ADV-2010-2890",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2890"
},
{
"name": "GLSA-201101-08",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"name": "44638",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44638"
},
{
"name": "RHSA-2010:0934",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
},
{
"name": "20101103 [0dayz] Acrobat Reader Memory Corruption Remote Arbitrary Code Execution",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html"
},
{
"name": "ADV-2011-0337",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"name": "1025033",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025033"
},
{
"name": "42401",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42401"
},
{
"name": "1024684",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024684"
},
{
"name": "oval:org.mitre.oval:def:12527",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12527"
},
{
"name": "15419",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15419"
},
{
"name": "adobe-reader-pdf-file-ce(62996)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62996"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb10-28.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"name": "SUSE-SA:2010:058",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb11-03.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"name": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html",
"refsource": "MISC",
"url": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2010-4091"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42095",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42095"
},
{
"name": "15419",
"refsource": "EXPLOIT-DB",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/15419"
},
{
"name": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html",
"refsource": "MISC",
"tags": [],
"url": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html"
},
{
"name": "ADV-2010-2890",
"refsource": "VUPEN",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2890"
},
{
"name": "44638",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/44638"
},
{
"name": "20101103 [0dayz] Acrobat Reader Memory Corruption Remote Arbitrary Code Execution",
"refsource": "FULLDISC",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html"
},
{
"name": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html",
"refsource": "MISC",
"tags": [],
"url": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html"
},
{
"name": "69005",
"refsource": "OSVDB",
"tags": [],
"url": "http://osvdb.org/69005"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb10-28.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"name": "RHSA-2010:0934",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
},
{
"name": "1024684",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id?1024684"
},
{
"name": "42401",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42401"
},
{
"name": "ADV-2010-3111",
"refsource": "VUPEN",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3111"
},
{
"name": "SUSE-SA:2010:058",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
},
{
"name": "GLSA-201101-08",
"refsource": "GENTOO",
"tags": [],
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"name": "43025",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43025"
},
{
"name": "ADV-2011-0191",
"refsource": "VUPEN",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb11-03.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"name": "ADV-2011-0337",
"refsource": "VUPEN",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"name": "1025033",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id?1025033"
},
{
"name": "adobe-reader-pdf-file-ce(62996)",
"refsource": "XF",
"tags": [],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62996"
},
{
"name": "oval:org.mitre.oval:def:12527",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12527"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": true
}
},
"lastModifiedDate": "2018-10-30T16:25Z",
"publishedDate": "2010-11-07T22:00Z"
}
}
}
RHSA-2010:0934
Vulnerability from csaf_redhat - Published: 2010-12-01 21:16 - Updated: 2025-11-21 17:37Summary
Red Hat Security Advisory: acroread security update
Severity
Critical
Notes
Topic: Updated acroread packages that fix two security issues are now available
for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6
Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
[Updated 7th December 2010]
The package list in this erratum has been updated to make the packages
available in the Red Hat Enterprise Linux 4 Extras IA32 channels on the
Red Hat Network.
Details: Adobe Reader allows users to view and print documents in Portable Document
Format (PDF).
This update fixes two vulnerabilities in Adobe Reader. These
vulnerabilities are detailed on the Adobe security page APSB10-28, listed
in the References section. A specially-crafted PDF file could cause Adobe
Reader to crash or, potentially, execute arbitrary code as the user running
Adobe Reader when opened. (CVE-2010-3654, CVE-2010-4091)
All Adobe Reader users should install these updated packages. They contain
Adobe Reader version 9.4.1, which is not vulnerable to these issues. All
running instances of Adobe Reader must be restarted for the update to take
effect.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.
6.8 ()
Affected products
Fixed
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:acroread-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-0:9.4.1-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-0:9.4.1-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Client-Supplementary:acroread-0:9.4.1-1.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-Supplementary:acroread-0:9.4.1-1.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686 | — |
Vendor Fix
fix
|
Threats
Impact
Critical
The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.
6.8 ()
Affected products
Fixed
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:acroread-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-0:9.4.1-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-0:9.4.1-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Client-Supplementary:acroread-0:9.4.1-1.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-Supplementary:acroread-0:9.4.1-1.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686 | — |
Vendor Fix
fix
|
Threats
Impact
Critical
References
14 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated acroread packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6\nSupplementary.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.\n\n[Updated 7th December 2010]\nThe package list in this erratum has been updated to make the packages\navailable in the Red Hat Enterprise Linux 4 Extras IA32 channels on the\nRed Hat Network.",
"title": "Topic"
},
{
"category": "general",
"text": "Adobe Reader allows users to view and print documents in Portable Document\nFormat (PDF).\n\nThis update fixes two vulnerabilities in Adobe Reader. These\nvulnerabilities are detailed on the Adobe security page APSB10-28, listed\nin the References section. A specially-crafted PDF file could cause Adobe\nReader to crash or, potentially, execute arbitrary code as the user running\nAdobe Reader when opened. (CVE-2010-3654, CVE-2010-4091)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 9.4.1, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2010:0934",
"url": "https://access.redhat.com/errata/RHSA-2010:0934"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb10-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"category": "external",
"summary": "647525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=647525"
},
{
"category": "external",
"summary": "651133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=651133"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0934.json"
}
],
"title": "Red Hat Security Advisory: acroread security update",
"tracking": {
"current_release_date": "2025-11-21T17:37:11+00:00",
"generator": {
"date": "2025-11-21T17:37:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2010:0934",
"initial_release_date": "2010-12-01T21:16:00+00:00",
"revision_history": [
{
"date": "2010-12-01T21:16:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-12-07T08:55:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:37:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 4 Extras",
"product": {
"name": "Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "acroread-0:9.4.1-1.el4.i386",
"product": {
"name": "acroread-0:9.4.1-1.el4.i386",
"product_id": "acroread-0:9.4.1-1.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@9.4.1-1.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:9.4.1-1.el4.i386",
"product": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386",
"product_id": "acroread-plugin-0:9.4.1-1.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@9.4.1-1.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-0:9.4.1-1.el5.i386",
"product": {
"name": "acroread-0:9.4.1-1.el5.i386",
"product_id": "acroread-0:9.4.1-1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@9.4.1-1.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:9.4.1-1.el5.i386",
"product": {
"name": "acroread-plugin-0:9.4.1-1.el5.i386",
"product_id": "acroread-plugin-0:9.4.1-1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@9.4.1-1.el5?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "acroread-0:9.4.1-1.el6.i686",
"product": {
"name": "acroread-0:9.4.1-1.el6.i686",
"product_id": "acroread-0:9.4.1-1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@9.4.1-1.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:9.4.1-1.el6.i686",
"product": {
"name": "acroread-plugin-0:9.4.1-1.el6.i686",
"product_id": "acroread-plugin-0:9.4.1-1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@9.4.1-1.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:acroread-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el4.i386 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:acroread-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:acroread-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:acroread-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:acroread-0:9.4.1-1.el5.i386"
},
"product_reference": "acroread-0:9.4.1-1.el5.i386",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el5.i386",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:acroread-0:9.4.1-1.el5.i386"
},
"product_reference": "acroread-0:9.4.1-1.el5.i386",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el5.i386",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary:acroread-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary:acroread-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Workstation-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Workstation-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2010-3654",
"discovery_date": "2010-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "647525"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread/flash-plugin: critical vulnerablility (APSA10-05, APSB10-26)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3654"
},
{
"category": "external",
"summary": "RHBZ#647525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=647525"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3654",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3654"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3654",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3654"
}
],
"release_date": "2010-10-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-12-01T21:16:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0934"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread/flash-plugin: critical vulnerablility (APSA10-05, APSB10-26)"
},
{
"cve": "CVE-2010-4091",
"discovery_date": "2010-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "651133"
}
],
"notes": [
{
"category": "description",
"text": "The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: remote DoS or possible arbitrary code execution via EScript.api plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-4091"
},
{
"category": "external",
"summary": "RHBZ#651133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=651133"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4091"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-4091",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4091"
}
],
"release_date": "2010-11-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-12-01T21:16:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0934"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: remote DoS or possible arbitrary code execution via EScript.api plugin"
}
]
}
RHSA-2010_0934
Vulnerability from csaf_redhat - Published: 2010-12-01 21:16 - Updated: 2024-11-14 11:27Summary
Red Hat Security Advisory: acroread security update
Severity
Critical
Notes
Topic: Updated acroread packages that fix two security issues are now available
for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6
Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
[Updated 7th December 2010]
The package list in this erratum has been updated to make the packages
available in the Red Hat Enterprise Linux 4 Extras IA32 channels on the
Red Hat Network.
Details: Adobe Reader allows users to view and print documents in Portable Document
Format (PDF).
This update fixes two vulnerabilities in Adobe Reader. These
vulnerabilities are detailed on the Adobe security page APSB10-28, listed
in the References section. A specially-crafted PDF file could cause Adobe
Reader to crash or, potentially, execute arbitrary code as the user running
Adobe Reader when opened. (CVE-2010-3654, CVE-2010-4091)
All Adobe Reader users should install these updated packages. They contain
Adobe Reader version 9.4.1, which is not vulnerable to these issues. All
running instances of Adobe Reader must be restarted for the update to take
effect.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.
6.8 ()
Affected products
Fixed
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:acroread-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-0:9.4.1-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-0:9.4.1-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Client-Supplementary:acroread-0:9.4.1-1.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-Supplementary:acroread-0:9.4.1-1.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686 | — |
Vendor Fix
fix
|
Threats
Impact
Critical
The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.
6.8 ()
Affected products
Fixed
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS-LACD:acroread-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-0:9.4.1-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-0:9.4.1-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Client-Supplementary:acroread-0:9.4.1-1.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-Supplementary:acroread-0:9.4.1-1.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686 | — |
Vendor Fix
fix
|
Threats
Impact
Critical
References
14 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated acroread packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6\nSupplementary.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.\n\n[Updated 7th December 2010]\nThe package list in this erratum has been updated to make the packages\navailable in the Red Hat Enterprise Linux 4 Extras IA32 channels on the\nRed Hat Network.",
"title": "Topic"
},
{
"category": "general",
"text": "Adobe Reader allows users to view and print documents in Portable Document\nFormat (PDF).\n\nThis update fixes two vulnerabilities in Adobe Reader. These\nvulnerabilities are detailed on the Adobe security page APSB10-28, listed\nin the References section. A specially-crafted PDF file could cause Adobe\nReader to crash or, potentially, execute arbitrary code as the user running\nAdobe Reader when opened. (CVE-2010-3654, CVE-2010-4091)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 9.4.1, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2010:0934",
"url": "https://access.redhat.com/errata/RHSA-2010:0934"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb10-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"category": "external",
"summary": "647525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=647525"
},
{
"category": "external",
"summary": "651133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=651133"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0934.json"
}
],
"title": "Red Hat Security Advisory: acroread security update",
"tracking": {
"current_release_date": "2024-11-14T11:27:57+00:00",
"generator": {
"date": "2024-11-14T11:27:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHSA-2010:0934",
"initial_release_date": "2010-12-01T21:16:00+00:00",
"revision_history": [
{
"date": "2010-12-01T21:16:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-12-07T08:55:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T11:27:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 4 Extras",
"product": {
"name": "Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "acroread-0:9.4.1-1.el4.i386",
"product": {
"name": "acroread-0:9.4.1-1.el4.i386",
"product_id": "acroread-0:9.4.1-1.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@9.4.1-1.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:9.4.1-1.el4.i386",
"product": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386",
"product_id": "acroread-plugin-0:9.4.1-1.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@9.4.1-1.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-0:9.4.1-1.el5.i386",
"product": {
"name": "acroread-0:9.4.1-1.el5.i386",
"product_id": "acroread-0:9.4.1-1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@9.4.1-1.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:9.4.1-1.el5.i386",
"product": {
"name": "acroread-plugin-0:9.4.1-1.el5.i386",
"product_id": "acroread-plugin-0:9.4.1-1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@9.4.1-1.el5?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "acroread-0:9.4.1-1.el6.i686",
"product": {
"name": "acroread-0:9.4.1-1.el6.i686",
"product_id": "acroread-0:9.4.1-1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@9.4.1-1.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:9.4.1-1.el6.i686",
"product": {
"name": "acroread-plugin-0:9.4.1-1.el6.i686",
"product_id": "acroread-plugin-0:9.4.1-1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@9.4.1-1.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:acroread-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el4.i386 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:acroread-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:acroread-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:acroread-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el4.i386",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:acroread-0:9.4.1-1.el5.i386"
},
"product_reference": "acroread-0:9.4.1-1.el5.i386",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el5.i386",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:acroread-0:9.4.1-1.el5.i386"
},
"product_reference": "acroread-0:9.4.1-1.el5.i386",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el5.i386",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary:acroread-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary:acroread-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Workstation-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.1-1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
},
"product_reference": "acroread-plugin-0:9.4.1-1.el6.i686",
"relates_to_product_reference": "6Workstation-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2010-3654",
"discovery_date": "2010-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "647525"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread/flash-plugin: critical vulnerablility (APSA10-05, APSB10-26)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3654"
},
{
"category": "external",
"summary": "RHBZ#647525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=647525"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3654",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3654"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3654",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3654"
}
],
"release_date": "2010-10-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-12-01T21:16:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0934"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread/flash-plugin: critical vulnerablility (APSA10-05, APSB10-26)"
},
{
"cve": "CVE-2010-4091",
"discovery_date": "2010-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "651133"
}
],
"notes": [
{
"category": "description",
"text": "The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: remote DoS or possible arbitrary code execution via EScript.api plugin",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-4091"
},
{
"category": "external",
"summary": "RHBZ#651133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=651133"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4091"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-4091",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4091"
}
],
"release_date": "2010-11-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-12-01T21:16:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0934"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.1-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.1-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-0:9.4.1-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-0:9.4.1-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.1-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.1-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.1-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.1-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.1-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: remote DoS or possible arbitrary code execution via EScript.api plugin"
}
]
}
VAR-201011-0203
Vulnerability from variot - Updated: 2023-12-18 11:02The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information. Adobe Acrobat and Reader are prone to multiple security vulnerabilities. Adobe released an advance advisory regarding multiple security vulnerabilities in Reader and Acrobat. The vendor indicates that these issues will be addressed in updates for Microsoft Windows and Mac platforms on Tuesday, November 16, 2010, and for UNIX platforms on Monday, November 30, 2010. This BID will be updated when the advisory is released. Adobe Reader and Acrobat 9.4 and earlier are vulnerable. Successful exploits may allow attackers to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition.
For more information: SA41340 SA41435 SA42030 SA42095
SOLUTION: Update to version "app-text/acroread-9.4.1" or later. ----------------------------------------------------------------------
Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM) Beta.
Join the beta: http://secunia.com/products/corporate/vim/
TITLE: Adobe Reader Unspecified Memory Corruption Vulnerability
SECUNIA ADVISORY ID: SA42095
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42095/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42095
RELEASE DATE: 2010-11-05
DISCUSS ADVISORY: http://secunia.com/advisories/42095/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/42095/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=42095
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Adobe Reader, which can be exploited by malicious people to potentially compromise a user's system.
The vulnerability is caused due to an unspecified error when parsing PDF files and can be exploited to corrupt memory.
The vulnerability is confirmed in version 9.4.0.
SOLUTION: Do not open untrusted PDF files.
PROVIDED AND/OR DISCOVERED BY: scup
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.
For more information: SA42030 SA42095
SOLUTION: Updated packages are available via Red Hat Network. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All Adobe Reader users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"
References
[ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201201-19.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201011-0203",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.9,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat reader",
"scope": "eq",
"trust": 1.0,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "rhel supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "macintosh unix"
},
{
"model": "rhel desktop supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4 and earlier for windows macintosh"
},
{
"model": "enterprise linux server supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 extras"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4.1 and earlier for windows"
},
{
"model": "reader",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "9.4 and earlier for windows"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4.8.z extras"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0) for windows macintosh"
},
{
"model": "enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 0.8,
"vendor": "adobe",
"version": "x (10.0) and earlier for windows macintosh"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "reader security updat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat professional extended",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.4"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.4"
},
{
"model": "acrobat professional security updat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.5"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.4"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.8"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.3"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.7"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.1"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.6"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.1.3"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "6.0.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "9.3.4"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "8.1.2"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "7.0.9"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise desktop sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.3"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "enterprise linux ws extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "desktop extras",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "hat enterprise linux workstation supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat standard",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat professional",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat standard",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat professional",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "9.4.1"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "44838"
},
{
"db": "BID",
"id": "44638"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"db": "NVD",
"id": "CVE-2010-4091"
},
{
"db": "CNNVD",
"id": "CNNVD-201011-073"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-4091"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe",
"sources": [
{
"db": "BID",
"id": "44838"
}
],
"trust": 0.3
},
"cve": "CVE-2010-4091",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2010-4091",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-46696",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-4091",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201011-073",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-46696",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-4091",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-46696"
},
{
"db": "VULMON",
"id": "CVE-2010-4091"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"db": "NVD",
"id": "CVE-2010-4091"
},
{
"db": "CNNVD",
"id": "CNNVD-201011-073"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information. Adobe Acrobat and Reader are prone to multiple security vulnerabilities. \nAdobe released an advance advisory regarding multiple security vulnerabilities in Reader and Acrobat. The vendor indicates that these issues will be addressed in updates for Microsoft Windows and Mac platforms on Tuesday, November 16, 2010, and for UNIX platforms on Monday, November 30, 2010. \nThis BID will be updated when the advisory is released. \nAdobe Reader and Acrobat 9.4 and earlier are vulnerable. \nSuccessful exploits may allow attackers to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. \n\nFor more information:\nSA41340\nSA41435\nSA42030\nSA42095\n\nSOLUTION:\nUpdate to version \"app-text/acroread-9.4.1\" or later. ----------------------------------------------------------------------\n\n\nSecure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM) Beta. \n\nJoin the beta: \nhttp://secunia.com/products/corporate/vim/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader Unspecified Memory Corruption Vulnerability\n\nSECUNIA ADVISORY ID:\nSA42095\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/42095/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42095\n\nRELEASE DATE:\n2010-11-05\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/42095/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/42095/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42095\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Reader, which can be\nexploited by malicious people to potentially compromise a user\u0027s\nsystem. \n\nThe vulnerability is caused due to an unspecified error when parsing\nPDF files and can be exploited to corrupt memory. \n\nThe vulnerability is confirmed in version 9.4.0. \n\nSOLUTION:\nDo not open untrusted PDF files. \n\nPROVIDED AND/OR DISCOVERED BY:\nscup\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. For further\ninformation please consult the CVE entries and the Adobe Security\nBulletins referenced below. This fixes multiple\nvulnerabilities, which can be exploited by malicious people to\ncompromise a user\u0027s system. \n\nFor more information:\nSA42030\nSA42095\n\nSOLUTION:\nUpdated packages are available via Red Hat Network. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[ 1 ] CVE-2010-4091\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[ 2 ] CVE-2011-0562\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[ 3 ] CVE-2011-0563\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[ 4 ] CVE-2011-0565\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[ 5 ] CVE-2011-0566\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[ 6 ] CVE-2011-0567\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[ 7 ] CVE-2011-0570\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[ 8 ] CVE-2011-0585\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[ 9 ] CVE-2011-0586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-4091"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"db": "BID",
"id": "44838"
},
{
"db": "BID",
"id": "44638"
},
{
"db": "VULHUB",
"id": "VHN-46696"
},
{
"db": "VULMON",
"id": "CVE-2010-4091"
},
{
"db": "PACKETSTORM",
"id": "97778"
},
{
"db": "PACKETSTORM",
"id": "95541"
},
{
"db": "PACKETSTORM",
"id": "97734"
},
{
"db": "PACKETSTORM",
"id": "96330"
},
{
"db": "PACKETSTORM",
"id": "109194"
}
],
"trust": 2.79
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-46696",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=15419",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-46696"
},
{
"db": "VULMON",
"id": "CVE-2010-4091"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-4091",
"trust": 3.1
},
{
"db": "BID",
"id": "44638",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "42095",
"trust": 2.7
},
{
"db": "VUPEN",
"id": "ADV-2010-2890",
"trust": 2.6
},
{
"db": "OSVDB",
"id": "69005",
"trust": 2.0
},
{
"db": "EXPLOIT-DB",
"id": "15419",
"trust": 1.8
},
{
"db": "XF",
"id": "62996",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "43025",
"trust": 1.3
},
{
"db": "SECUNIA",
"id": "42401",
"trust": 1.3
},
{
"db": "VUPEN",
"id": "ADV-2010-3111",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0191",
"trust": 1.2
},
{
"db": "VUPEN",
"id": "ADV-2011-0337",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1025033",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1024684",
"trust": 1.2
},
{
"db": "BID",
"id": "44838",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201011-073",
"trust": 0.7
},
{
"db": "FULLDISC",
"id": "20101103 [0DAYZ] ACROBAT READER MEMORY CORRUPTION REMOTE ARBITRARY CODE EXECUTION",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "109194",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-70134",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-46696",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2010-4091",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "97778",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "95541",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "97734",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "96330",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-46696"
},
{
"db": "VULMON",
"id": "CVE-2010-4091"
},
{
"db": "BID",
"id": "44838"
},
{
"db": "BID",
"id": "44638"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"db": "PACKETSTORM",
"id": "97778"
},
{
"db": "PACKETSTORM",
"id": "95541"
},
{
"db": "PACKETSTORM",
"id": "97734"
},
{
"db": "PACKETSTORM",
"id": "96330"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "NVD",
"id": "CVE-2010-4091"
},
{
"db": "CNNVD",
"id": "CNNVD-201011-073"
}
]
},
"id": "VAR-201011-0203",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-46696"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:02:18.449000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB10-28",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"title": "APSB11-03",
"trust": 0.8,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"title": "APSB10-28",
"trust": 0.8,
"url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-28.html"
},
{
"title": "cpsid_88012",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/880/cpsid_88012.html"
},
{
"title": "cpsid_89065",
"trust": 0.8,
"url": "http://kb2.adobe.com/jp/cps/890/cpsid_89065.html"
},
{
"title": "RHSA-2010:0934",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2010-0934.html"
},
{
"title": "AdbeRdrUpd1001_Tier2",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=38291"
},
{
"title": "AcrobatUpd1001",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=38218"
},
{
"title": "AcrobatUpd1001_Tier4",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=38222"
},
{
"title": "AcroProUpd826_all",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=38275"
},
{
"title": "AdbeRdrUpd942_all_ppc",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=38360"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/0xcybery/cve-t4pdf "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2010-4091"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"db": "CNNVD",
"id": "CNNVD-201011-073"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-46696"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"db": "NVD",
"id": "CVE-2010-4091"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://www.securityfocus.com/bid/44638"
},
{
"trust": 2.6,
"url": "http://secunia.com/advisories/42095"
},
{
"trust": 2.6,
"url": "http://www.vupen.com/english/advisories/2010/2890"
},
{
"trust": 2.1,
"url": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html"
},
{
"trust": 2.0,
"url": "http://osvdb.org/69005"
},
{
"trust": 1.9,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
},
{
"trust": 1.8,
"url": "http://www.exploit-db.com/exploits/15419"
},
{
"trust": 1.8,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html"
},
{
"trust": 1.5,
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
},
{
"trust": 1.5,
"url": "http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/62996"
},
{
"trust": 1.3,
"url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12527"
},
{
"trust": 1.2,
"url": "http://www.redhat.com/support/errata/rhsa-2010-0934.html"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id?1024684"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id?1025033"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/42401"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/43025"
},
{
"trust": 1.2,
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2010/3111"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2011/0191"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62996"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4091"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2010/at100031.txt"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-4091"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/44838"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/#topics"
},
{
"trust": 0.6,
"url": "http://www.adobe.com"
},
{
"trust": 0.3,
"url": "http://seclists.org/fulldisclosure/2010/nov/23"
},
{
"trust": 0.3,
"url": "http://kb2.adobe.com/cps/504/cpsid_50431.html"
},
{
"trust": 0.3,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.3,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.3,
"url": "http://secunia.com/products/corporate/vim/"
},
{
"trust": 0.3,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.3,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
},
{
"trust": 0.2,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.2,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/15419/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43025/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43025"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43025/#comments"
},
{
"trust": 0.1,
"url": "http://www.gentoo.org/security/en/glsa/glsa-201101-08.xml"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42095"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/42095/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/42095/#comments"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2890"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3656"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3619"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2889"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2883"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2890"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3629"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3629"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3619"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3625"
},
{
"trust": 0.1,
"url": "http://www.adobe.com/support/security/bulletins/apsb10-21.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3628"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2883"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3625"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3626"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3657"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3654"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3657"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3622"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3658"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2884"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3632"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3654"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3632"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2889"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3622"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3656"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2887"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3621"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3626"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3627"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2884"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3658"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2887"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3630"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3630"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42401"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/42401/"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2010-0934.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/42401/#comments"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-46696"
},
{
"db": "VULMON",
"id": "CVE-2010-4091"
},
{
"db": "BID",
"id": "44838"
},
{
"db": "BID",
"id": "44638"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"db": "PACKETSTORM",
"id": "97778"
},
{
"db": "PACKETSTORM",
"id": "95541"
},
{
"db": "PACKETSTORM",
"id": "97734"
},
{
"db": "PACKETSTORM",
"id": "96330"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "NVD",
"id": "CVE-2010-4091"
},
{
"db": "CNNVD",
"id": "CNNVD-201011-073"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-46696"
},
{
"db": "VULMON",
"id": "CVE-2010-4091"
},
{
"db": "BID",
"id": "44838"
},
{
"db": "BID",
"id": "44638"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"db": "PACKETSTORM",
"id": "97778"
},
{
"db": "PACKETSTORM",
"id": "95541"
},
{
"db": "PACKETSTORM",
"id": "97734"
},
{
"db": "PACKETSTORM",
"id": "96330"
},
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "NVD",
"id": "CVE-2010-4091"
},
{
"db": "CNNVD",
"id": "CNNVD-201011-073"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-46696"
},
{
"date": "2010-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2010-4091"
},
{
"date": "2010-11-12T00:00:00",
"db": "BID",
"id": "44838"
},
{
"date": "2010-11-04T00:00:00",
"db": "BID",
"id": "44638"
},
{
"date": "2010-12-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"date": "2011-01-24T07:05:02",
"db": "PACKETSTORM",
"id": "97778"
},
{
"date": "2010-11-05T10:53:47",
"db": "PACKETSTORM",
"id": "95541"
},
{
"date": "2011-01-21T21:14:13",
"db": "PACKETSTORM",
"id": "97734"
},
{
"date": "2010-12-03T09:08:04",
"db": "PACKETSTORM",
"id": "96330"
},
{
"date": "2012-01-31T00:07:37",
"db": "PACKETSTORM",
"id": "109194"
},
{
"date": "2010-11-07T22:00:03.410000",
"db": "NVD",
"id": "CVE-2010-4091"
},
{
"date": "2010-11-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201011-073"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-46696"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2010-4091"
},
{
"date": "2013-06-20T09:38:00",
"db": "BID",
"id": "44838"
},
{
"date": "2013-06-20T09:40:00",
"db": "BID",
"id": "44638"
},
{
"date": "2011-02-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-002470"
},
{
"date": "2018-10-30T16:25:16.967000",
"db": "NVD",
"id": "CVE-2010-4091"
},
{
"date": "2011-07-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201011-073"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "109194"
},
{
"db": "CNNVD",
"id": "CNNVD-201011-073"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adobe Reader and Acrobat of EScript.api Vulnerability to execute arbitrary code in plug-in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-002470"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201011-073"
}
],
"trust": 0.6
}
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…