Lucene search

[email protected]NVD:CVE-2010-4091

HistoryNov 07, 2010 - 10:00 p.m.

CVE-2010-4091

2010-11-0722:00:03

CWE-119

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.846 High

EPSS

Percentile

98.5%

JSON

The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

adobeacrobat_readerMatch8.0

adobeacrobat_readerMatch8.1

adobeacrobat_readerMatch8.1.1

adobeacrobat_readerMatch8.1.2

adobeacrobat_readerMatch8.1.4

adobeacrobat_readerMatch8.1.5

adobeacrobat_readerMatch8.1.6

adobeacrobat_readerMatch8.1.7

adobeacrobat_readerMatch8.2

adobeacrobat_readerMatch8.2.1

adobeacrobat_readerMatch8.2.2

adobeacrobat_readerMatch8.2.3

adobeacrobat_readerMatch8.2.4

adobeacrobat_readerMatch9.0

adobeacrobat_readerMatch9.1

adobeacrobat_readerMatch9.1.1

adobeacrobat_readerMatch9.1.2

adobeacrobat_readerMatch9.1.3

adobeacrobat_readerMatch9.2

adobeacrobat_readerMatch9.3

adobeacrobat_readerMatch9.3.1

adobeacrobat_readerMatch9.3.2

adobeacrobat_readerMatch9.3.3

adobeacrobat_readerMatch9.3.4

adobeacrobat_readerMatch9.4

adobeacrobat_readerMatch10.0

AND

applemac_os_x

microsoftwindows

Node

adobeacrobatMatch8.0

adobeacrobatMatch8.1

adobeacrobatMatch8.1.1

adobeacrobatMatch8.1.2

adobeacrobatMatch8.1.3

adobeacrobatMatch8.1.4

adobeacrobatMatch8.1.5

adobeacrobatMatch8.1.6

adobeacrobatMatch8.1.7

adobeacrobatMatch8.2

adobeacrobatMatch8.2.1

adobeacrobatMatch8.2.2

adobeacrobatMatch8.2.3

adobeacrobatMatch8.2.4

adobeacrobatMatch9.0

adobeacrobatMatch9.1

adobeacrobatMatch9.1.1

adobeacrobatMatch9.1.2

adobeacrobatMatch9.1.3

adobeacrobatMatch9.2

adobeacrobatMatch9.3

adobeacrobatMatch9.3.1

adobeacrobatMatch9.3.2

adobeacrobatMatch9.3.3

adobeacrobatMatch9.3.4

adobeacrobatMatch9.4

adobeacrobatMatch10.0

AND

applemac_os_x

microsoftwindows

References

archives.neohapsis.com/archives/fulldisclosure/2010-11/0024.html

blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html

extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html

lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html

osvdb.org/69005

secunia.com/advisories/42095

secunia.com/advisories/42401

secunia.com/advisories/43025

security.gentoo.org/glsa/glsa-201101-08.xml

www.adobe.com/support/security/bulletins/apsb10-28.html

www.adobe.com/support/security/bulletins/apsb11-03.html

www.exploit-db.com/exploits/15419

www.redhat.com/support/errata/RHSA-2010-0934.html

www.securityfocus.com/bid/44638

www.securitytracker.com/id?1024684

www.securitytracker.com/id?1025033

www.vupen.com/english/advisories/2010/2890

www.vupen.com/english/advisories/2010/3111

www.vupen.com/english/advisories/2011/0191

www.vupen.com/english/advisories/2011/0337

exchange.xforce.ibmcloud.com/vulnerabilities/62996

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12527

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.846 High

EPSS

Percentile

98.5%

JSON

Related for NVD:CVE-2010-4091

openvas13 cve1 ubuntucve1 prion1 cvelist1 checkpoint_advisories2 nessus19 suse2 redhat1 gentoo2 securityvulns2