Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:4087FA9BA2E83B1761565A4E280BC32F
HistoryJun 17, 2010 - 12:00 a.m.

Adobe Reader authplay.dll newfunction Memory Corruption

2010-06-1700:00:00
SAINT Corporation
www.saintcorporation.com
13

0.355 Low

EPSS

Percentile

96.7%

JSON

Added: 06/17/2010
CVE: CVE-2010-1297
BID: 40586
OSVDB: 65141

Background

Adobe Reader is free software for viewing PDF documents.

Problem

A memory corruption vulnerability in **authplay.dll** provided with Adobe Reader 9.3.2 and earlier 9.x versions allows command execution when a user opens a specially crafted PDF file that contains Shockwave Flash (SWF) content that calls the **newfunction()** function with invalid parameters.

Resolution

Apply the patches referenced in APSA10-01 when they become available. In the interim, follow the relevant directions for mitigating the vulnerability in Adobe Reader.

References

<http://secunia.com/advisories/40034&gt;

Limitations

Exploit works on Adobe Reader 9.3.0.

The user must open the exploit file in Adobe Reader.

Platforms

Windows

Related

seebug 4
exploitpack 2
saint 3
openvas 20
checkpoint_advisories 4
securityvulns 6
attackerkb 1
cvelist 1
cve 1
canvas 1
threatpost 2
packetstorm 3
cert 1
metasploit 2
prion 1
ubuntucve 1
cisa_kev 1
exploitdb 4
thn 1
nessus 25
suse 2
redhat 3
securelist 1
freebsd 1
gentoo 2
seebug
seebug
Adobe Acrobat Reader and Flash Player - “newclass” invalid pointer
2014-07-02 00:00:00
Adobe Flash and Reader - 0day Exploit PoC (from the wild)
2014-07-01 00:00:00
Adobe Flash Player "newfunction" Invalid Pointer Use
2014-07-01 00:00:00
exploitpack
exploitpack
Adobe Acrobat Reader and Flash Player - newclass Invalid Pointer
2010-09-01 00:00:00
Adobe Flash Reader - Live Malware
2010-06-09 00:00:00
saint
saint
Adobe Reader authplay.dll newfunction Memory Corruption
2010-06-17 00:00:00
Adobe Reader authplay.dll newfunction Memory Corruption
2010-06-17 00:00:00
Adobe Reader authplay.dll newfunction Memory Corruption
2010-06-17 00:00:00
openvas
openvas
Adobe Products Remote Code Execution Vulnerability (Jun 2010) - Windows
2010-06-15 00:00:00
Adobe Products Remote Code Execution Vulnerability - jun10 (Windows)
2010-06-15 00:00:00
Adobe Products Remote Code Execution Vulnerability (Jun 2010) - Linux
2010-06-15 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player authplay.dll Component Code Execution (APSA10-01; CVE-2010-1297)
2010-06-07 00:00:00
Adobe Multiple Products authplay.dll PDF File Code Execution - Ver2 (CVE-2010-1297)
2014-03-31 00:00:00
Adobe Multiple Products authplay.dll PDF File Code Execution (APSA10-01; CVE-2010-1297)
2010-06-10 00:00:00
securityvulns
securityvulns
US-CERT Technical Cyber Security Alert TA10-162A -- Adobe Flash and AIR Vulnerabilities
2010-06-12 00:00:00
Security Advisory for Flash Player, Adobe Reader and Acrobat
2010-06-11 00:00:00
Adobe Flash Player / Acrobat / Reader memory corruptions
2010-06-26 00:00:00
attackerkb
attackerkb
CVE-2010-1297
2010-06-08 00:00:00
cvelist
cvelist
CVE-2010-1297
2010-06-08 18:00:00
cve
cve
CVE-2010-1297
2010-06-08 18:30:00
canvas
canvas
Immunity Canvas: FLASH_NEWFUNCTION
2010-06-08 18:30:00
threatpost
threatpost
Adobe to Release Flash Patch June 10
2010-06-08 10:56:42
Adobe Warns of Flash, PDF Zero Day Attack
2010-06-05 03:10:19
packetstorm
packetstorm
Adobe Flash Player newfucntion Invalid Pointer Use
2010-06-15 00:00:00
Month Of Abysssec Undisclosed Bugs - Adobe Reader / Flash Invalid Pointer
2010-09-01 00:00:00
Adobe Flash Player newfunction Invalid Pointer Use
2010-06-15 00:00:00
cert
cert
Adobe Flash ActionScript AVM2 newfunction vulnerability
2010-06-07 00:00:00
metasploit
metasploit
Adobe Flash Player "newfunction" Invalid Pointer Use
2010-06-10 20:28:05
Adobe Flash Player "newfunction" Invalid Pointer Use
2010-06-10 19:52:43
prion
prion
Memory corruption
2010-06-08 18:30:00
ubuntucve
ubuntucve
CVE-2010-1297
2010-06-08 00:00:00
cisa_kev
cisa_kev
Adobe Flash Player Memory Corruption Vulnerability
2022-06-08 00:00:00
exploitdb
exploitdb
Adobe Flash Player - &#039;newfunction&#039; Invalid Pointer Use (Metasploit) (1)
2010-09-20 00:00:00
Adobe Flash / Reader - Live Malware
2010-06-09 00:00:00
Adobe Flash Player - &#039;newfunction&#039; Invalid Pointer Use (Metasploit) (2)
2010-09-25 00:00:00
thn
thn
Bleeding Life 2 Exploit Pack Released
2011-10-24 04:30:00
nessus
nessus
Adobe Reader < 9.3.3 / 8.2.3 Multiple Vulnerabilities (APSB10-15)
2010-06-30 00:00:00
Adobe Acrobat < 9.3.3 / 8.2.3 Multiple Vulnerabilities (APSB10-15)
2010-06-30 00:00:00
SuSE 10 Security Update : acroread (ZYPP Patch Number 7086)
2011-01-27 00:00:00
suse
suse
remote code execution in acroread
2010-07-08 11:59:38
remote code execution in flash-player
2010-06-11 17:44:20
redhat
redhat
(RHSA-2010:0503) Critical: acroread security update
2010-06-30 00:00:00
(RHSA-2010:0464) Critical: flash-plugin security update
2010-06-11 00:00:00
(RHSA-2010:0470) Critical: flash-plugin security update
2010-06-14 00:00:00
securelist
securelist
Investigation Report for the September 2014 Equation malware detection incident in the US
2017-11-16 10:00:34
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2008-10-02 00:00:00
gentoo
gentoo
Adobe Reader: Multiple vulnerabilities
2010-09-07 00:00:00
Adobe Flash Player: Multiple vulnerabilities
2011-01-21 00:00:00

0.355 Low

EPSS

Percentile

96.7%

JSON
Related for SAINT:4087FA9BA2E83B1761565A4E280BC32F
seebug4exploitpack2saint3openvas20checkpoint_advisories4securityvulns6attackerkb1cvelist1cve1canvas1threatpost2packetstorm3cert1metasploit2prion1ubuntucve1cisa_kev1exploitdb4thn1nessus25suse2redhat3securelist1freebsd1gentoo2