CVE-2010-1241
🔴 Łataj teraz
Przepełnienie bufora w Adobe Reader i Acrobat umożliwia zdalne wykonanie kodu.
CVSS
9.3
EPSS
26.2%
Exploit
poc
Vendor
adobe
Opis źródłowy (NVD)
Heap-based buffer overflow in the custom heap management system in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, aka FG-VD-10-005.
buffer-overflow dos exploit
Brak patcha
Źródła i daty
| Źródło | Wartość |
|---|---|
| NVD – CVSS | 9.3 |
| CISA KEV (aktywnie wykorzystywane) | Nie |
| FIRST EPSS (prawdopodobieństwo exploita) | 26.2% |
| Opublikowano (NVD) | 2010-04-05 15:30:01 UTC |
| Ostatnia modyfikacja (NVD) | 2026-04-29 01:13:23 UTC |
Referencje
- http://blog.fortinet.com/the-upcoming-blackhat-europe-2010-presentation/ (cve@mitre.org) [Exploit]
- http://lists.immunitysec.com/pipermail/dailydave/2010-April/006077.html (cve@mitre.org)
- http://www.adobe.com/support/security/bulletins/apsb10-09.html (cve@mitre.org)
- http://www.blackhat.com/html/bh-eu-10/bh-eu-10-briefings.html#Li (cve@mitre.org)
- http://www.securityfocus.com/bid/39227 (cve@mitre.org)
- http://www.securityfocus.com/bid/39329 (cve@mitre.org)
- http://www.us-cert.gov/cas/techalerts/TA10-103C.html (cve@mitre.org) [US Government Resource]
- http://www.vupen.com/english/advisories/2010/0873 (cve@mitre.org) [Vendor Advisory]
- http://www.youtube.com/watch?v=9EVHtY1-0q8 (cve@mitre.org)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/57589 (cve@mitre.org)
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6940 (cve@mitre.org)